42d89e616fa15f6217ac7ffe838860c7_JaffaCakes118 | Triage

Sharing

General

Target

42d89e616fa15f6217ac7ffe838860c7_JaffaCakes118
Size

173KB
MD5

42d89e616fa15f6217ac7ffe838860c7
SHA1

9aa7f6d4eae7ba0dc3c5ccf0ace9118f4ad2cf99
SHA256

58c93631d1df5b094851b0a24a5a34171175ff494e3b4b21741a48a6f19bc9a6
SHA512

66a44fb0c2dbbf1040136c7c9d3a126a23de0a0dc85901269834ad918c1ca22893195b36b93c581204cb674d0fef56fef7332defe728ef1879bc9d5dbd4bcf6d
SSDEEP

3072:JkJhBXR2UIE8gUSp0VhshedZlfs1K6xj8z9Vc/2N3/bCO+RACmAu8f4:JkjxR6N/xE1VAueNOO5C7u8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d89e616fa15f6217ac7ffe838860c7_JaffaCakes118

Files

42d89e616fa15f6217ac7ffe838860c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdbd1e5982765c296cefedb685cf62ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
SetHandleCount
GetCPInfoExW
GetThreadLocale
InitializeCriticalSection
GetLastError
GetEnvironmentStrings
GetACP
GetFileType
MultiByteToWideChar
WriteFile
GetEnvironmentStringsW
GetLocaleInfoA
GetOEMCP
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
EnumResourceTypesA
InterlockedIncrement
RaiseException
InterlockedExchange
EnterCriticalSection
GetCPInfo
GetStdHandle
QueryPerformanceCounter
lstrlenW
GetTickCount
UnhandledExceptionFilter
GetEnvironmentStringsW
GetVersionExA
TlsSetValue
FreeEnvironmentStringsW
TlsGetValue
LeaveCriticalSection
WideCharToMultiByte
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

gdi32

SelectObject
DeleteObject
GetDeviceCaps
GetTextExtentPointA
GetTextMetricsA
CreateFontIndirectA

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ