Static task: static1
Behavioral task: behavioral1
Sample: 240138591771d25f8a29188c4ab25afe_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 240138591771d25f8a29188c4ab25afe_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 240138591771d25f8a29188c4ab25afe_JaffaCakes118
Size: 107KB
MD5: 240138591771d25f8a29188c4ab25afe
SHA1: 1abbce47e2d0fb9743356902594add6451005431
SHA256: 4137d083bf8c05602de987417a5941cdfeb4566d8ee3ab2eacc0ac1c7fe0c4e8
SHA512: 75f92b58b8b519746a6e8b3b89a71d46857cdc42f91be8b9f0fd2084a9d27de0d95707c9d79d068eb4c62402ddd185fea71fa52d61e916fed6cd9bc8c0c65b6c
SSDEEP: 3072:ad+f7iktHPS9XPu9UGbOEVFW5D5QCEGVNUF9p:R2ktvePuO3yQ+wVU
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 240138591771d25f8a29188c4ab25afe_JaffaCakes118
Files
240138591771d25f8a29188c4ab25afe_JaffaCakes118.exe windows:4 windows x86 arch:x86
0683adc0139253eb1d77eea51f83e176
Headers
File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
Imports
    ole32
        CoGetMalloc
        CoTaskMemFree
        ProgIDFromCLSID
        StringFromCLSID
    shlwapi
        PathRemoveFileSpecW
        SHGetValueW
        PathCombineW
        PathAppendW
        PathFileExistsW
    msimg32
        AlphaBlend
        TransparentBlt
    kernel32
        GetCalendarInfoA
        GetLocalTime
        CreateFileW
        SetCurrentDirectoryW
        SetFilePointerEx
        GetProcessAffinityMask
        ExitProcess
        EnumResourceNamesA
        FindFirstFileW
        LockResource
        GetCurrentDirectoryW
        FlushInstructionCache
        FindResourceExW
        GetPriorityClass
        LoadResource
Sections
    .text Size: 85KB - Virtual size: 85KB
        IMAGE_SCN_CNT_CODE
        IMAGE_SCN_MEM_EXECUTE
        IMAGE_SCN_MEM_READ
    .tls Size: 1024B - Virtual size: 864B
        IMAGE_SCN_CNT_INITIALIZED_DATA
        IMAGE_SCN_MEM_READ
    .data Size: 75KB - Virtual size: 75KB
        IMAGE_SCN_CNT_INITIALIZED_DATA
        IMAGE_SCN_MEM_READ
        IMAGE_SCN_MEM_WRITE
    .reloc Size: 1024B - Virtual size: 104KB
        IMAGE_SCN_CNT_INITIALIZED_DATA
        IMAGE_SCN_MEM_READ