aeee1ba8f82cbfcc56dc2edc45037a6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aeee1ba8f82cbfcc56dc2edc45037a6e_JaffaCakes118
Size

109KB
MD5

aeee1ba8f82cbfcc56dc2edc45037a6e
SHA1

69c34922e6fd51e30c56a44f3dbd1de4725ceb59
SHA256

ff40635a7e1f36afb72a02dfe17ac7bc940e7bac555be9e6eee6cf6f4567d043
SHA512

9cffdce9e0e8650edaa0305234256652cc1f9c6fc67932d1530280736558b42c4ea0340e27357d087ddd775e800c70e8a927f325ed82bdc3f693645cb0ad1cbd
SSDEEP

768:Bl83ZknUy+O4rO/+NeOvNA1T4VQhrsjeCalGbHA0y5HF7AROLNu+WWcn4Ls:Bl83ZkUyaOqvO54U+alyzy5HVI2Nu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aeee1ba8f82cbfcc56dc2edc45037a6e_JaffaCakes118

Files

aeee1ba8f82cbfcc56dc2edc45037a6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9910fca2b075ba477ca97936dbe799b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrTrimA
StrCmpNA
StrCmpNIA
StrChrA

kernel32

lstrlenA
ExitProcess
GetCommandLineA
GetCurrentThreadId
GetDriveTypeA
GetLastError
GetModuleHandleA
GetStartupInfoA
GetTempPathA
GetThreadPriority
GetTickCount
GetVersion
GetVersionExA
GlobalAlloc
VirtualProtect
lstrcmpA

user32

CharUpperA
CharUpperBuffA
GetActiveWindow
CharToOemBuffA
GetMessagePos
GetMessageTime
OemToCharBuffA
CharLowerBuffA
CharLowerA
GetCursorPos

gdi32

GdiGetBatchLimit
GdiFlush

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE