aca7ca6f090aba613f6a701f0b2bac1c_JaffaCakes118 | Triage

Sharing

General

Target

aca7ca6f090aba613f6a701f0b2bac1c_JaffaCakes118
Size

202KB
MD5

aca7ca6f090aba613f6a701f0b2bac1c
SHA1

7d889d00e5cf9a09800faa450fcbfa17eadc5664
SHA256

749e8c87bc157a7dc7a9c7427c41dbcd1f087250914caedd3aaa93982af1c433
SHA512

567f6c90c1d9da328afbe3d8c1fb452135e592e13daf59b78f6855c7caa00cc98d5a76ac5707583907f6391dd8d940bfe1b1c187c9448b635414307ae87abf4e
SSDEEP

6144:ZAU479KlI4imKWcPg62UgzMha1UBR+B3F:Wl96WmlcPg62tj10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aca7ca6f090aba613f6a701f0b2bac1c_JaffaCakes118

Files

aca7ca6f090aba613f6a701f0b2bac1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c7b3a2f1fd4d1ba93e27a0b8a5e8247

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strstr
strlen
strcpy
strcat
strncpy
memcpy

kernel32

GetModuleHandleA
HeapCreate
VirtualProtectEx
VirtualAllocEx
HeapDestroy
ExitProcess
LoadLibraryA
CloseHandle
InitializeCriticalSection
GetEnvironmentVariableA
SetEnvironmentVariableA
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
HeapAlloc
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
HeapFree
CreateFileA
SetFilePointer
SetEndOfFile
WriteFile
GetDriveTypeA
FindFirstFileA
FindClose
GetFileAttributesA
HeapReAlloc
DeleteCriticalSection
GetProcAddress
FreeLibrary
Sleep

user32

EnumWindows
GetWindowTextA
CharLowerA

shell32

ShellExecuteExA

Sections

.code
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ