ae11d85879b9e17673bf22b56e5c8b90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae11d85879b9e17673bf22b56e5c8b90_JaffaCakes118
Size

169KB
MD5

ae11d85879b9e17673bf22b56e5c8b90
SHA1

bdb6e610646046a131bcac1af332c0055f532a8e
SHA256

829d0e29af6dca0b30747157424a4d10b82994684971b06a75aaa735a5bbc970
SHA512

e47161021aa2d692cbfb8343aa441eb70a2c10ca1973f604e4288d85f742db3b9c96306a8e220488a5fdb7be7c69e5fd7447b811800e7a72e35f42d2d7da71d8
SSDEEP

3072:4oYnKuxsrMr6X08eCf/PPd8ilk5/wT/67gghr5Qv5GvJXTc5/0+wmDq+SgC:PYYrMAeAbkZwTagAq3l0+wmDGgC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae11d85879b9e17673bf22b56e5c8b90_JaffaCakes118

Files

ae11d85879b9e17673bf22b56e5c8b90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71410f71ef753880bedfc6b08db33d78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetCurrentProcess
GetLastError
FreeEnvironmentStringsA
WideCharToMultiByte
GetEnvironmentStringsW
ExitProcess
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetProcAddress
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapFree
HeapAlloc
VirtualAlloc

user32

ExitWindowsEx

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ