Static task: static1
Behavioral task: behavioral1
Sample: ab7e2fcf6250f247988ff65726e8fe78_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: ab7e2fcf6250f247988ff65726e8fe78_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ab7e2fcf6250f247988ff65726e8fe78_JaffaCakes118
Size: 32KB
MD5: ab7e2fcf6250f247988ff65726e8fe78
SHA1: a702c14837f526b07b127df0fa89fd8bf8bd5231
SHA256: fed16e8dccab2988c74126763391d4f5319c4b37c8d668cddb2a4f64999fbc5b
SHA512: ee806071400e86265dd568b02e311b3dde6e0b8f66bac18000644683027128cf597b777ad806953467e8c138782090d25226f9139a1c8c77b318342792054220
SSDEEP: 384:YqBPjoUJnG6+czwHVq84hkC2bu7J3yxW+Ex:JBt83kAeFV3yC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab7e2fcf6250f247988ff65726e8fe78_JaffaCakes118
Files
ab7e2fcf6250f247988ff65726e8fe78_JaffaCakes118.exe windows:4 windows x86 arch:x86
8d634d60205a5294feb7da73af1a4ba8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MapViewOfFile
CloseHandle
DuplicateHandle
GetTempPathA
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateFileMappingA
GetLastError
CompareStringA
GetSystemTimeAsFileTime
GetVersion
SystemTimeToFileTime
IsDebuggerPresent
UnmapViewOfFile
GetStartupInfoA
InterlockedIncrement
ExitProcess
LocalFree
FormatMessageA
ReadFile
VirtualAlloc
GetModuleHandleA
user32
EnableWindow
SetWindowPos
MessageBoxA
wsprintfA
CreateWindowExA
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 822B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 852B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ