Static task: static1
Behavioral task: behavioral1
Sample: 075eba5b9f7b51def6b42501bcf35d75_JaffaCakes118.exe
Resource: win7-20240419-en
General
Target: 075eba5b9f7b51def6b42501bcf35d75_JaffaCakes118
Size: 274KB
MD5: 075eba5b9f7b51def6b42501bcf35d75
SHA1: d29b1756601f6661987b82d6ec3f6332bffdc980
SHA256: 3cbafe791bae6936e83c36aee30c84b36d9e236d1fecb829d470392f53b17472
SHA512: 2d6519340bb03c209531e6b7e311bc19196127a02e8592bc12b6ee05dbf1b4e37cfd726465f5026fad6a8e5dda0e7bad4ec7b74fababb90fb3e6e3adb517fa97
SSDEEP: 6144:rWYZ2KZGRhEbStJT3FlZZmUFYn9gEQymEJc33nK3XXH7B9qA:rZ2ROWJzFlZZmt9gEqEynUXr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 075eba5b9f7b51def6b42501bcf35d75_JaffaCakes118
Files
075eba5b9f7b51def6b42501bcf35d75_JaffaCakes118.exe windows:4 windows x86 arch:x86
10711674a173fb54b78c236a44d2ad8d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
TlsAlloc
VirtualFree
HeapReAlloc
QueryPerformanceCounter
VirtualAlloc
IsBadWritePtr
VirtualQuery
EnumSystemLanguageGroupsW
GetWriteWatch
HeapDestroy
SetLastError
HeapAlloc
HeapCreate
TlsFree
shlwapi
PathAddBackslashW
oleacc
CreateStdAccessibleObject
CreateStdAccessibleProxyA
user32
DestroyIcon
SetWindowTextA
CreateWindowExA
LoadStringA
GetWindow
GetDlgItem
LoadImageA
GetParent
shell32
SHGetMalloc
SHChangeNotify
SHGetPathFromIDListW
winmm
mciSendCommandA
Sections
.text Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ