1758a92502716ebd2129088af3eec18b_JaffaCakes118 | Triage

Sharing

General

Target

1758a92502716ebd2129088af3eec18b_JaffaCakes118
Size

169KB
MD5

1758a92502716ebd2129088af3eec18b
SHA1

60c94a2f2e9132a6444ac5f0207a8cfa8f0beae9
SHA256

94a78c6548bb328bf372c9731191a30b3792c1f4ea735fa0369b220c3fe13afa
SHA512

c92d53405b2449ff705a745453e185364d3f234a59563cf873ebca5df56a0832ab1d1c22c895fc8f108f7319a4ec32ac4f49a9debfad1749d68c8df5f15f15cc
SSDEEP

3072:wD0f7eo/zMJ9NNx0m41Ps3JiKwRvic9a:wojemMJ9NNGf14ifNz9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1758a92502716ebd2129088af3eec18b_JaffaCakes118

Files

1758a92502716ebd2129088af3eec18b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb9118eb48d600e74552feef5cec05a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoGetDefaultContext
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree

kernel32

MultiByteToWideChar
GetLastError
GetModuleFileNameW
GetCurrentDirectoryW
GetModuleHandleA
GetCalendarInfoW
ExitProcess
SetLastError
VirtualQuery
GetFileAttributesW
SetEnvironmentVariableW
FreeLibrary
WideCharToMultiByte
LocalAlloc
GetCurrentThreadId
GetFileInformationByHandle
lstrlenW
GetProcessId
DuplicateHandle
EnumResourceNamesA
InterlockedExchange
GetCurrentProcess
CreateDirectoryW
LocalFree
InitializeCriticalSection
SearchPathW
GetModuleHandleW
OutputDebugStringA
VirtualProtect
lstrcmpiW
GetProcAddress
OutputDebugStringW
Sleep

shlwapi

StrDupW
PathIsUNCW
SHRegGetValueW
PathSkipRootW
PathGetArgsW
PathFindFileNameW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ