22fdf68d86f232aacaf43f5cd21bfb1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22fdf68d86f232aacaf43f5cd21bfb1e_JaffaCakes118
Size

165KB
MD5

22fdf68d86f232aacaf43f5cd21bfb1e
SHA1

701e56ddc179ff28594cddb7c120ae201636af06
SHA256

d5288274f3e6e03e0ee30b7bf106a8fd5d20af436eb3b920853ff36ddc7ef18d
SHA512

45a7250948317afec748bbbac5d49730161b16c9b05164a8773874d74007e6b147d3305280b64dbf0f49400a6f4e8f44c47a098a033bcc2a8f279e5169643e41
SSDEEP

3072:ffOvijyB/wBcmwnjYVq0/CKMCKp1y4tOpyKqExcYfiWBAU2U+L91:3OIyBxmwjY//CbCOy4tSyjP4PcU+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22fdf68d86f232aacaf43f5cd21bfb1e_JaffaCakes118

Files

22fdf68d86f232aacaf43f5cd21bfb1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

341932f0513726b1710d986f82d5d4b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetTextMetricsA
SelectObject
DeleteObject
GetDeviceCaps
GetTextExtentPointA
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

kernel32

InitializeCriticalSection
InterlockedIncrement
TlsSetValue
GetOEMCP
GetCPInfoExA
WriteFile
QueryPerformanceCounter
FreeEnvironmentStringsW
EnterCriticalSection
FreeEnvironmentStringsA
GetCPInfo
GetStartupInfoA
HeapSize
SetHandleCount
UnhandledExceptionFilter
TlsGetValue
GetEnvironmentStringsW
GetFileType
EnumResourceTypesA
GetLocaleInfoA
GetStdHandle
GetLastError
WideCharToMultiByte
LoadLibraryW
InterlockedExchange
DeleteCriticalSection
GetEnvironmentStrings
RaiseException
MultiByteToWideChar
GetTickCount
GetACP
lstrlenW
LeaveCriticalSection
GetThreadLocale
GetVersionExA
GetCurrentProcessId

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ