ab8427436fb97d2f0537cf4fb807c67c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab8427436fb97d2f0537cf4fb807c67c_JaffaCakes118
Size

468KB
MD5

ab8427436fb97d2f0537cf4fb807c67c
SHA1

f20c3dcbd143541e4f25750c377cf875f4ce61ee
SHA256

e7588ed5aaf577117e286a0ed09f642df5e62f320648e7d89f7b01d9f8794d1f
SHA512

4e6cd06b7450af024e74724296e13291be9d7fd9a5acd29047cfe72454ee8bf2b23ba17c2cd4b7a2d4bc461b1a0aa0f3ea48665a1dd1f4118ce4988c33d2bc18
SSDEEP

6144:XdPjoexoCSVlU3AeXcFrd8OQa7B6TbeY8tsvGdjW2rM5AeAmzKXL3HYTqmAdrwpB:NZeVcdkg358tfPeAjDXL3HG9QusPYdW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab8427436fb97d2f0537cf4fb807c67c_JaffaCakes118

Files

ab8427436fb97d2f0537cf4fb807c67c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e304217fc16c011615a0ec22783cbfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 48KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 48KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE