ac162258d49b9388eacd3037f28b7f29_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac162258d49b9388eacd3037f28b7f29_JaffaCakes118
Size

183KB
MD5

ac162258d49b9388eacd3037f28b7f29
SHA1

af04e3a608dca09cfea298afb232fe3969c6b2c4
SHA256

dab26b544ba254341c4abc3601371d0cde824d7a1ebb4c20068f99d956c800d4
SHA512

05bdac517ce240211cfc2f26e0959b1cba3377bcf96e2fd6f93f238b712302626a16c1054be06457ce6486c661d5b834b91948f7e3e913dce2bd718fbf4c1250
SSDEEP

3072:JY7pbFB4fZQTVeTVThaLyUai9u/gTP44u+ikJOtY8S2QLfiT5WGEUcVgVKryOgew:axgfygVTALy49u/g8dm17AHKr3gmsF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac162258d49b9388eacd3037f28b7f29_JaffaCakes118

Files

ac162258d49b9388eacd3037f28b7f29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d99b21f68d1ed2c9206bdebe8831e0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

gdi32

RealizePalette
CreateCompatibleDC
SelectObject
UnrealizeObject
SelectPalette
BitBlt
DeleteDC
SetMapMode
GetObjectA
GetDeviceCaps

rpcrt4

NdrByteCountPointerFree
UuidCreate
UuidToStringA
RpcStringFreeA

kernel32

DeleteCriticalSection
RtlUnwind
GlobalLock
FlushInstructionCache
GlobalFree
GlobalUnlock
SetLastError
VirtualProtectEx
HeapAlloc
HeapFree
DuplicateHandle
InterlockedDecrement
GetCurrentProcess
LocalFree
GetCurrentThreadId
GetLastError
CreateFileW
WaitForSingleObject
ExitProcess
GetThreadContext
InterlockedIncrement
RaiseException
GetFileSize
SetLocaleInfoW
WriteProcessMemory
FormatMessageA
GetStartupInfoA
InterlockedExchange
GetVersionExW
GetCommandLineA
GetTempPathW
TlsSetValue
GlobalAlloc
GetWindowsDirectoryW

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ