4508e6aeeaff2912c54b42aaf8fecf1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4508e6aeeaff2912c54b42aaf8fecf1d_JaffaCakes118
Size

331KB
MD5

4508e6aeeaff2912c54b42aaf8fecf1d
SHA1

214220b65bd2811ab42c835e3bf8c7b8cebf2f40
SHA256

acd6afad66f460d69fa14e9fdf5c0006dd63c846b4c42c30d1b95bfd7c7aab15
SHA512

3d68f49064456c3fbb6051cc336af29de8caf9453e0ac4510c6eeb4a4f578b94627009595cdadb98d25e05640087ac2409bc095deb4232afa654628bc30cdfb0
SSDEEP

6144:FnzQ3R2IggYtDunj7RWEL1fyCcSIoj17kAfMJ5xSMZk1eJlqpciq+99Y:9zsR2IggYSj7RW61RcIpk55wEDq1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4508e6aeeaff2912c54b42aaf8fecf1d_JaffaCakes118

Files

4508e6aeeaff2912c54b42aaf8fecf1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0513f653e15bf2941e565f927bb25121

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
SetBkMode
SetTextAlign
SetTextColor
SetBkColor
DeleteDC
ExtTextOutW
SelectObject
CreateCompatibleDC

kernel32

GetModuleHandleW
GetCommandLineA
TlsAlloc
GetConsoleMode
GetTickCount
FindAtomA
GetTimeFormatA
OpenFileMappingA
UnmapViewOfFile
MapViewOfFile
FormatMessageA
GetUserDefaultLCID
Sleep
CloseHandle
GetLastError
CreateFileMappingA
LoadLibraryW
LocalAlloc
FoldStringA
GetAtomNameA
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
TlsGetValue
GetProcAddress
GetModuleHandleA
TlsSetValue
CreateMutexA
ReleaseMutex
WaitForSingleObject
lstrlenA
lstrcmpiA

oleaut32

DispGetIDsOfNames
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW

msimg32

TransparentBlt

Sections

.text
Size: 224KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE