fd1adac984ee549c2f422421f8433912_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd1adac984ee549c2f422421f8433912_JaffaCakes118
Size

178KB
MD5

fd1adac984ee549c2f422421f8433912
SHA1

37c014ea6b77772f9d5ab3779186d2bb16405a46
SHA256

86a668a67964970dbce92e1e8f74f732c930fe9c497edb7bad707a465c71bb8e
SHA512

cd5a90b541772e77999ff0d3f982ae3cc3a6736e9534c19fdcc9addf65bb2343630a9754f3a759ea0356eda4f5b155744ebe2a303bfa38cd222bca67356745b4
SSDEEP

3072:QgveivTAfn3QiDhpjKwWp9ERlc0uZ6ty+nYfFBAi8VPGHKAMXRhvM3xbBH:QCeivTe37DjKz/oy0E9+aF2i8VU5GvQl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd1adac984ee549c2f422421f8433912_JaffaCakes118

Files

fd1adac984ee549c2f422421f8433912_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c0c7104658505ba855fcf968821ab50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICOpen
ICSendMessage
ICClose
ICDecompress

user32

wsprintfA
wsprintfW

ole32

StgCreateDocfile
StgOpenStorage

kernel32

lstrlenW
FreeLibrary
GetLastError
GetShortPathNameW
CloseHandle
IsDebuggerPresent
GetProcessTimes
UnhandledExceptionFilter
LocalFree
GetProcAddress
MultiByteToWideChar
GetCurrentProcessId
IsBadWritePtr
EnumResourceTypesA
GetCurrentThreadId
SetUnhandledExceptionFilter
lstrlenA
GetThreadLocale
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
CreateFileA
GetModuleHandleA
WideCharToMultiByte
IsBadReadPtr
LoadLibraryA
GetVersionExA

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ