ab9e4d4ab75f2e1dc18beee09689384a_JaffaCakes118 | Triage

Sharing

General

Target

ab9e4d4ab75f2e1dc18beee09689384a_JaffaCakes118
Size

27KB
MD5

ab9e4d4ab75f2e1dc18beee09689384a
SHA1

69cb63b3aef09b6a1cd9e63fe1f11699f74cfb4f
SHA256

e8f39268f7a5a22170418afa437ccf864635c7a497abf0c0d57511a239e12f8a
SHA512

5f069472b5f6a59e4b2205a3ece6d9f7088ab1bda3a2f8c7e233dc92882dba9247b513a1fdbf85c7d6cb6d2b8e9f3224198ff4204597aec606a77c53f88108ba
SSDEEP

768:A4pZekJj06pHiFTOaEkam1Mv6iXvXi0+TOB0O33MUd9f3rI3D+pK25X:A0Z9iFSnktdiXvXiYBB3tKmX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab9e4d4ab75f2e1dc18beee09689384a_JaffaCakes118

Files

ab9e4d4ab75f2e1dc18beee09689384a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

261fa8c11d7a343ea0c6293cbc2f7e5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
GetModuleHandleA
SearchPathA
GetComputerNameA
GetProfileSectionW
GetEnvironmentStringsA
GetCurrencyFormatA
CopyFileW
CreateHardLinkA
ExpungeConsoleCommandHistoryW
GetPrivateProfileSectionA

user32

EnumWindowStationsA
RealGetWindowClassW
GetClipboardFormatNameW
LoadMenuIndirectA
GetMenuStringA
LoadStringA

gdi32

ResetDCA
AddFontResourceA
CopyMetaFileW

Sections

.data?
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 878B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ