ae5cb469a49b9d8fe3e92cc81bdad0d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae5cb469a49b9d8fe3e92cc81bdad0d4_JaffaCakes118
Size

20KB
MD5

ae5cb469a49b9d8fe3e92cc81bdad0d4
SHA1

36860dbff0132d254dc3068ab6c585c6bb38e8ca
SHA256

dadbda52b01fc644598642eb5de15a9cbed14274a519156359b73dce43d51395
SHA512

27e1a4cc176c3f691fd8859f9052bfe7a302842c97eac5f6b2e88091b696e7263ca27f4e8e7b8b1fc7f64705f2ceb25bdf9a78266cb12d0557f8358669740430
SSDEEP

384:rODCpsSiB9UrDqnTSRsCEVn3gsKJyXnRh4hTbUpScRspvbfB+Y2pwxYM5R:rOfSiffnTMEN8JinegkcRspDfB+T65R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae5cb469a49b9d8fe3e92cc81bdad0d4_JaffaCakes118

Files

ae5cb469a49b9d8fe3e92cc81bdad0d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1dbcf2c6cdfb8812f5650277b7998cf3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

FreeSid

comctl32

ImageList_Add

comdlg32

PrintDlgA

gdi32

SaveDC

ole32

OleRun

oleaut32

VarNot

shell32

DragFinish

urlmon

HlinkNavigateString

version

VerQueryValueA

wininet

InternetOpenA

winmm

joyGetPos

winspool.drv

OpenPrinterA

wsock32

send

Sections

.text
Size: 19KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE