aaebe58c55b6ab81f966a5ccb30f00f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aaebe58c55b6ab81f966a5ccb30f00f9_JaffaCakes118
Size

53KB
MD5

aaebe58c55b6ab81f966a5ccb30f00f9
SHA1

af2881c08f3f869aa8b4d7b05ffa646643df2acb
SHA256

9d6163869f41544333c51e9e5d96f1e2bcd25211c52757b6778e0e9096979ede
SHA512

6a7dc604a045e8d9183f30d970c157b2e6fe446ae30036a15cf269dbd2ddde14e1d83f7b26329e7b34083abac96bd500109a882605845c1fef0c0ab02e3d62a8
SSDEEP

1536:3hIXvlYv2CuGTiNEdNoWlj/Kc0eLqR0o9P/Dq6Ma:xKdYqHEL9weui6D7Ma

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaebe58c55b6ab81f966a5ccb30f00f9_JaffaCakes118

Files

aaebe58c55b6ab81f966a5ccb30f00f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc7ee7b3685438aa8a622faf21d76259

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
ClearCommBreak
ExitProcess
GetModuleFileNameA
LoadLibraryA
MoveFileA
WaitForDebugEvent

advapi32

AdjustTokenPrivileges
BuildImpersonateTrusteeA
CryptExportKey
CryptGetProvParam
GetFileSecurityW
ObjectDeleteAuditAlarmA
RegCloseKey

shell32

ExtractIconEx
SHGetFileInfo
SHInvokePrinterCommandW
SheChangeDirExW
SheRemoveQuotesW
ShellAboutW
ShellExecuteEx

gdi32

CreateRectRgn
GetCharWidthW
LineDDA
SetDIBits
SetDeviceGammaRamp
SetPolyFillMode
SetTextAlign

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE