e9270091e4c55e80dbde47254735a573_JaffaCakes118 | Triage

Sharing

General

Target

e9270091e4c55e80dbde47254735a573_JaffaCakes118
Size

171KB
MD5

e9270091e4c55e80dbde47254735a573
SHA1

006428b25ade464b0aacbc333985b51f126e026a
SHA256

805a9b5d0c5eb43611ba10862f11599915df1a7d2636ac623aa278ba6bddb555
SHA512

1883a3cb1e539b961b5eb0395f90df442994bfd334a753f83e6e30621d281ff629466e7d35d62deb055fa1b7e2df7abc25ac6cd315095e7aecdc2d0fb5c1cdf8
SSDEEP

3072:NkVmNZytJaKd1iUCAdcFcxNXpYvyrN+jlU00DSM87G6d9q0WKJB7gXeY+wRe:NkgLqiudlLuv0N500D18ndg7KJ6Pn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9270091e4c55e80dbde47254735a573_JaffaCakes118

Files

e9270091e4c55e80dbde47254735a573_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d22dbc5da08d1e7a4da4ba4d2c35ac8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

Shell_NotifyIconA

kernel32

SetFilePointer
AddAtomW
InitializeCriticalSection
CloseHandle
GetStringTypeA
GetCurrentThreadId
GetLastError
LCMapStringA
HeapAlloc
FlushInstructionCache
IsBadCodePtr
GetCurrentProcessId
GetCurrentProcess
EnumResourceNamesA
LCMapStringW
RaiseException
EnterCriticalSection
LoadLibraryExA
IsBadReadPtr
DeleteCriticalSection
RegisterWaitForSingleObject
GetSystemTimeAsFileTime
LeaveCriticalSection
FlushFileBuffers
SetStdHandle
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStringTypeW
SizeofResource

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ