8ac53e10b1437543eb447445343e30ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ac53e10b1437543eb447445343e30ec_JaffaCakes118
Size

88KB
MD5

8ac53e10b1437543eb447445343e30ec
SHA1

7012453ce2665750c2351fd0058456377a3706ef
SHA256

2255d62ec2eb3f7ba15c81213f1aec57c5c355ee8cfe4f3d13b2a26524c39156
SHA512

ac30020948552883f00e999c587acc081f80d6328b278de91f7396ea50649dfc1589ffbcaa071c0d4e391c606bc1b140522a81c82b619f93c4fd08b9f877f023
SSDEEP

1536:eypR+vgEIZjlQMPfZID4n14vVtNc8Jby56hRai2oY+XM6FMSSvqdNc02zXD:eZkjN+Du4tNtFvnX2oY+XMESvqw/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ac53e10b1437543eb447445343e30ec_JaffaCakes118

Files

8ac53e10b1437543eb447445343e30ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d2ed69afc4264ba0b24bf67b22a36f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
GetEnvironmentVariableA
CreateMutexW
VirtualFreeEx
GetLastError
GetTempPathA
CreateDirectoryA
GetEnvironmentVariableW
GetCompressedFileSizeW
FindClose
GetCurrentProcess
GetModuleHandleA
SetProcessWorkingSetSize
UnhandledExceptionFilter
EraseTape
SetFileAttributesA

msvcrt

wcsncpy
qsort
_fpclass
_osplatform
_mbsrchr
__wgetmainargs
_Getmonths
_ltow
isalnum
memcpy
_chkesp
remove

winmm

mciLoadCommandResource
mixerSetControlDetails
waveOutGetNumDevs
waveInUnprepareHeader
mmTaskBlock
mixerMessage
mmioWrite

opengl32

glVertex3sv
glMaterialfv
glDrawElements
glColor4s
glTexParameterf
glPixelMapuiv
glRasterPos2fv
wglGetDefaultProcAddress
GlmfBeginGlsBlock
glDebugEntry

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ