2941a1202dea70f918bfb35ee383f60a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2941a1202dea70f918bfb35ee383f60a_JaffaCakes118
Size

189KB
MD5

2941a1202dea70f918bfb35ee383f60a
SHA1

6ee9e95db79e225493d5ff8269fe0b371b28536e
SHA256

d1eea32cf89a831f01b4b3306648e8724e58095224fdb34f6d40f3ebe6b0e985
SHA512

35a72437789dc6b65bd46b9f33585417a77db570d34443c5812135105c71909da8ac5672172fda8e6b4c03ed648fba9ab09cd0f6e134b16f71e2221919042af8
SSDEEP

3072:3D8Zd/1sbSsHw0i8h+PRyyWL+WEvFEt2ev5Tce6mGTARozb7pkZfapRlbmQRdjKL:3Dad/6bSCTUPTG+WEneqmYzb78fS2QA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2941a1202dea70f918bfb35ee383f60a_JaffaCakes118

Files

2941a1202dea70f918bfb35ee383f60a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccbe419afc1cb56d6aea7dc21fbc49a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

GetNumberFormatA
ExpandEnvironmentStringsA
GetTickCount
HeapCreate
GetCalendarInfoW
HeapSize
GetVersion
ExitProcess
MultiByteToWideChar
GetStartupInfoA
GetCurrentProcessId
GetLocaleInfoA
SetHandleCount
SystemTimeToFileTime
DeleteFileA
QueryPerformanceCounter
Sleep
CreateDirectoryA
IsDBCSLeadByte
lstrcpynA
GetTempPathA
EnumResourceNamesA
GetVersionExA
InitializeCriticalSection
FindResourceA
CompareStringA
GetModuleFileNameA
HeapDestroy
lstrcpynW
GetCPInfo
WaitForSingleObject
GetFullPathNameW
GetCurrentProcess
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
DeleteFileW
GetFullPathNameA

ole32

CoGetMalloc
CoUninitialize
StringFromGUID2
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ