ae0571ae177c42ec78c91d215a758e44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae0571ae177c42ec78c91d215a758e44_JaffaCakes118
Size

277KB
MD5

ae0571ae177c42ec78c91d215a758e44
SHA1

d910cfbb00732fa86bc082b6e0a1a65fda623c42
SHA256

c08f0723517cc5b19d276388c246595c51a78f03ce19f918dc6718c9a3be319e
SHA512

5e46d718865d008c2d3b5bc401cc32f5513bb88139e6ca34e5c1f0deba024557ed522fd45e5246a71d3f27b65e3b141e2bb97aedd62ffa286a875e85a6cc9fff
SSDEEP

6144:rwkQthr+tjxaRp1qJUVBxCgf8EEb2DFy+ziey3OM2n38U/o:0kQaL8OC+AcSH38U/o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae0571ae177c42ec78c91d215a758e44_JaffaCakes118

Files

ae0571ae177c42ec78c91d215a758e44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eba3c128ed8a2c768a27b9923d42a285

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateThread
EnterCriticalSection
ExitThread
FreeLibrary
GetComputerNameA
GetCurrentProcessId
GetTickCount
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalFree
SetEvent
Sleep
UnmapViewOfFile
WaitForSingleObject
WriteConsoleA
lstrcmpiA
lstrcpynA
lstrlenA

user32

DestroyWindow
GetClassNameW
GetKeyState
GetLastActivePopup
GetMenuState
IsRectEmpty
PeekMessageW
RemovePropW
SendNotifyMessageW
SubtractRect

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ