41fab3753962efd3d3551d4ba5d34b8b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41fab3753962efd3d3551d4ba5d34b8b_JaffaCakes118
Size

62KB
MD5

41fab3753962efd3d3551d4ba5d34b8b
SHA1

81ac5e977540aa2326a4988b01f550ffd2a6fa3f
SHA256

a1b5bc51ad397b3244afdd6cd6a86c25a4e3142e08ddb9f06304045e3a1eef9e
SHA512

b30baeefb9b717201744da4dad6b5435f528dfd5b83bc84e3c0397625cdfb33fc06571ecd0ee7040c00467318f3a46f5a554f483a36c3d3418f712ab42736d96
SSDEEP

1536:T909BaM67tW/pBrq5F0x9NAqo8r0n4pYcB4Lyuie1y1tHJoG:ZYButWxtq5al1OVhHEjJ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41fab3753962efd3d3551d4ba5d34b8b_JaffaCakes118

Files

41fab3753962efd3d3551d4ba5d34b8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f57c0ba66bed4aaaa4a4e2d287e08a9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessA
DuplicateHandle
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetEnvironmentVariableA
GetFileTime
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetThreadContext
HeapAlloc
HeapCreate
HeapReAlloc
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SetLastError
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
TlsGetValue
lstrcpynA
lstrlenA

user32

GetMenu
FrameRect
DeferWindowPos

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

oleaut32

OleLoadPicturePath
VarBstrCat
SetErrorInfo
SafeArrayDestroy
SafeArrayAllocDescriptor
SafeArrayAllocData
RevokeActiveObject
RegisterTypeLi

Sections

.text
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ