ac7b1b2c8346047c2a7fb96773cfa06e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac7b1b2c8346047c2a7fb96773cfa06e_JaffaCakes118
Size

32KB
MD5

ac7b1b2c8346047c2a7fb96773cfa06e
SHA1

3e3fc8f0173130b93a20e776069b02a8bac7c3c1
SHA256

191cffd2a6aff2854cc8b31e480143c14d46c38cb32dec4d7d39ec079e7075eb
SHA512

a065ba352147dac340b4b06808a518f3f8b77bdf90d546be9cea2e2bda3d43dbf83681fc25ca58e473df59ff8bf2048531870ba368dd21422870cbfab10a7114
SSDEEP

768:f6U37al6xbbWl/OmfK7yqlPimqnoXO5XxiJxGsLIeq:f6ULbx/yqY1oXAXxcxTLm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac7b1b2c8346047c2a7fb96773cfa06e_JaffaCakes118

Files

ac7b1b2c8346047c2a7fb96773cfa06e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fff7344753c55ed4fe5c50ffd24c35d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetVolumeInformationA
GetProcAddress
LoadLibraryA
DeleteFileA
GetDriveTypeA
GetCurrentThreadId
GetTickCount
GetTempPathA
lstrcatA
CopyFileA
lstrcpyA
CreateThread
GetPrivateProfileStringA
MoveFileExA
Sleep
CreateDirectoryA
GetModuleFileNameA
CreateProcessA
ExitProcess
GetLastError
CreateMutexA
GetCommandLineA
WaitForSingleObject

user32

GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA

msvcrt

fseek
_strcmpi
strstr
??2@YAPAXI@Z
sprintf
fclose
fopen
malloc
_strlwr
fwrite
fread
??3@YAXPAX@Z

Sections

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE