ab8e7f1c56203d0cf74b60f9e5ca970b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab8e7f1c56203d0cf74b60f9e5ca970b_JaffaCakes118
Size

67KB
MD5

ab8e7f1c56203d0cf74b60f9e5ca970b
SHA1

7eb8529cf53932354c8962ad408f66691ea2e924
SHA256

2d447ce8dd9f56e0be7600d97320351569a2c1b5f331b0d0ff1e1250a4856484
SHA512

969a3159dd9f226147016279087a5c87d84e1587fc9d74f9ec2bbcf9b4003c8925726c5aea51ee65c9bf774b5aa7f480dde24ee1e2d4760d53df827533e8eb41
SSDEEP

1536:dIsVKSIwcYIR5UxS3DpeM2I10kd6gKxAvF:yssSIwdICS3x2PMF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab8e7f1c56203d0cf74b60f9e5ca970b_JaffaCakes118

Files

ab8e7f1c56203d0cf74b60f9e5ca970b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

d232d3441b89d980cb42118c4d563f63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA

kernel32

GetCommandLineA
GetCurrentDirectoryA
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetStdHandle
GetSystemDirectoryA
GetTickCount
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
ReadFile
RtlUnwind
RtlZeroMemory
CreateFileA
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
SystemTimeToFileTime
WaitForSingleObject
WriteConsoleA
WriteFile
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA

user32

wvsprintfA

crtdll

__GetMainArgs
_strnicmp
exit
gmtime
localtime
mktime
raise
signal
strcat
strchr
strncmp
strncpy

Sections

.avp
Size: 64KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE