1712ba5a4bb0313332d1798e9c01f4d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1712ba5a4bb0313332d1798e9c01f4d5_JaffaCakes118
Size

164KB
MD5

1712ba5a4bb0313332d1798e9c01f4d5
SHA1

01d1e4da824f8d51c2205a8adb90678160630741
SHA256

e2fced5ce1e689ac4a4958b55b6e85e71c5a441a36fbbb549e738423658460bb
SHA512

dff7c9b324126fe27541320e613cef0211dbe43a895349a0a6a2080b51d55acb39f0004f5f546d9ab332337e2aa5bfc497563ee88d34eaaf7e71aafc57779cec
SSDEEP

3072:XciKOT3CnaGlkSQ83nZA8W2PNG+bkwX6ft3cP4B:Xc3Rflky3ZAR2lG+j9K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1712ba5a4bb0313332d1798e9c01f4d5_JaffaCakes118

Files

1712ba5a4bb0313332d1798e9c01f4d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16488a1f73a02451ea021eb8598965c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromIID
CLSIDFromProgID

kernel32

MoveFileA
GetLocalTime
ExitProcess
GetLastError
LoadLibraryExA
ResetEvent
GetStartupInfoA
GetACP
LockResource
VirtualAllocEx
GetCurrentThread
ExitThread
LoadResource
VirtualAlloc
GetCurrentThreadId

shell32

SHGetFileInfoA
SHGetFolderPathA
SHFileOperationA

version

GetFileVersionInfoA
VerInstallFileA

advapi32

RegQueryInfoKeyA
GetUserNameA

msvcrt

wcscspn
memmove
memcpy
swprintf
wcstol
tolower
mbstowcs
malloc
exit

gdi32

RestoreDC
GetObjectA
CreatePalette
CreateDIBitmap
GetPaletteEntries
LineTo

Sections

INIT
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 3KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE