Static task: static1
Behavioral task: behavioral1
  Sample: ab4a2678ccb83bff137f8f6a0f6cf90a_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: ab4a2678ccb83bff137f8f6a0f6cf90a_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
  Target: ab4a2678ccb83bff137f8f6a0f6cf90a_JaffaCakes118
  Size: 729KB
  MD5: ab4a2678ccb83bff137f8f6a0f6cf90a
  SHA1: 65f35fb4ae30fead0e0ebe5ddf6b0ea45196c9bc
  SHA256: 329693c397c860dbe81147eaa071a2c74c3323324bdadb1d23b0823b296b3224
  SHA512: 88e6965c325f350723107b87b250f382a0fff37628c0e6ad7744b55e2c88a55ac828c6906afc53e3df3100d49d9af1f0e40e4d2a2fbecccc43c629f58ffbf17e
  SSDEEP: 12288:BNGxza+XgPaDvcbh/hVF3btYbLH6SdblupfWtVANMxySgduUIUD4UQo:3GV+6WhD3bObL3UW7hxy9d5
Malware Config
Signatures
  Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
    resource: ab4a2678ccb83bff137f8f6a0f6cf90a_JaffaCakes118
Files
ab4a2678ccb83bff137f8f6a0f6cf90a_JaffaCakes118.exe windows:4 windows x86 arch:x86
c8c0863ad7bcca8a7528321f6f16e726
Headers
  File Characteristics:
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32:
    GetProcAddress
    LoadLibraryA
    GetVersion
    LocalFree
    GlobalFree
    Sleep
    GetModuleHandleA
    GetTickCount
    GetCommandLineA
    GlobalAlloc
    lstrlenA
    lstrcatA
    GetLastError
    lstrcpyA
    GetFileSize
    GetStartupInfoA
  user32:
    BeginPaint
    ShowWindow
    GetClientRect
    EndPaint
    DestroyWindow
    DispatchMessageA
    GetFocus
    GetMessageA
  gdi32:
    SetPixel
    MoveToEx
    LineTo
    GetDeviceCaps
    SetROP2
    SetBkMode
    GetBkColor
    GetObjectA
    CreateFontIndirectA
    PatBlt
    CreateSolidBrush
    GetTextExtentPoint32A
  msvcrt:
    memmove
    __set_app_type
    _acmdln
    __getmainargs
Sections
  .text (Size: 4KB, Virtual size: 4KB)
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata (Size: 1KB, Virtual size: 4KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data (Size: 601KB, Virtual size: 604KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc (Size: 15KB, Virtual size: 648KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ