305d97eef780ecc1ee91d553f1ab9d0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

305d97eef780ecc1ee91d553f1ab9d0e_JaffaCakes118
Size

153KB
MD5

305d97eef780ecc1ee91d553f1ab9d0e
SHA1

66fd8f928d1f03112a172a60a57b9d0ad9d3e3ae
SHA256

6dfa767a46140f45d749e6e62e101b8a8ff84af4c06d14fb109a044a8d081b08
SHA512

b5fd246cbdc10876290afdaec9727e726cd42b0ca2aedb63bfbc4646318c32ec9a60f7ba650236a6ad7db6b0c4ce81df1d66122c4b8ce07e71dc74a54560341a
SSDEEP

3072:gPvvxZrhx8eFCODLKJRYHlTnp4RkcJM63wLBLKlsyOodP2t:gHZRr9FC7WHFp42cJMGwFLIsyZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
305d97eef780ecc1ee91d553f1ab9d0e_JaffaCakes118

Files

305d97eef780ecc1ee91d553f1ab9d0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a42d81d1e5946356c94e4b6abfc897d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor
GetBkColor
GetMapMode
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
GetStockObject
CreatePatternBrush
DeleteDC

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoAllowSetForegroundWindow
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

comdlg32

GetFileTitleW

kernel32

GetLocaleInfoW
ExpandEnvironmentStringsA
GetCurrentThread
LZOpenFileW
CreateProcessA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarUI4FromDec
SysFreeString

Sections

.text
Size: 85KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ