28a1d5f66065ed7cbc26363b1e5bdb32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28a1d5f66065ed7cbc26363b1e5bdb32_JaffaCakes118
Size

189KB
MD5

28a1d5f66065ed7cbc26363b1e5bdb32
SHA1

ef2718f99d8856342f4b10e4de3ef2902c1c4805
SHA256

c7fe2316e70159f6c0b55399da7a63dd0c04dabdcb49b596da09d2a5a62b0bd3
SHA512

f4e7cb09a07465c1446f25661db6b654e3819cf97a444f7aa262476687626bb32b408600dadf17973f19e79e753116779f21ccc2c6ac7a31fde3dc52657ad5d6
SSDEEP

3072:3D8Zd/1sbSsHw0i8h+PRyyWL+WEvFEt2ev5Tce6mGTARozb7pkZfapRlbmQRdjKL:3Dad/6bSCTUPTG+WEneqmYzb78fS2QA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28a1d5f66065ed7cbc26363b1e5bdb32_JaffaCakes118

Files

28a1d5f66065ed7cbc26363b1e5bdb32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccbe419afc1cb56d6aea7dc21fbc49a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

GetNumberFormatA
ExpandEnvironmentStringsA
GetTickCount
HeapCreate
GetCalendarInfoW
HeapSize
GetVersion
ExitProcess
MultiByteToWideChar
GetStartupInfoA
GetCurrentProcessId
GetLocaleInfoA
SetHandleCount
SystemTimeToFileTime
DeleteFileA
QueryPerformanceCounter
Sleep
CreateDirectoryA
IsDBCSLeadByte
lstrcpynA
GetTempPathA
EnumResourceNamesA
GetVersionExA
InitializeCriticalSection
FindResourceA
CompareStringA
GetModuleFileNameA
HeapDestroy
lstrcpynW
GetCPInfo
WaitForSingleObject
GetFullPathNameW
GetCurrentProcess
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
DeleteFileW
GetFullPathNameA

ole32

CoGetMalloc
CoUninitialize
StringFromGUID2
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ