665499bff8145eb3431d890e394df910_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

665499bff8145eb3431d890e394df910_JaffaCakes118
Size

192KB
MD5

665499bff8145eb3431d890e394df910
SHA1

85e9dbff351d56713ec12fceff79c26e3a55a234
SHA256

2d6479523d636405bbc5f7c0f7710a7cf3a84eaca7ad84990b9d0e560bb15e6a
SHA512

76104cd7a0a31d7dfe09cfc68dffa8d4960548dd889364603e0f36e864e5fc291b88643819a8048bd92b5e744c4a61548e1b8125480054dd23e02d33a8a91235
SSDEEP

3072:8MdBnY4Nu3HQekA3qRw0vRsywbiE7NjrxSWStYSG816gH9xddtcm4ce0IEs85EAH:8MeXQekWqmAsywbh7bfCrH9scelEP5Ei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
665499bff8145eb3431d890e394df910_JaffaCakes118

Files

665499bff8145eb3431d890e394df910_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9b12372cf6bb907eee2d32ac9d2e0f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoMarshalHresult
CreateItemMoniker
CoUninitialize
CoFreeUnusedLibraries
GetRunningObjectTable
CreateStreamOnHGlobal
StringFromCLSID
CLSIDFromString
CoCreateInstance
StringFromGUID2
CoInitialize
CoInitializeEx
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc

kernel32

GetACP
InterlockedCompareExchange
GetProcessHeap
GetCurrentProcessId
SetPriorityClass
GetLocaleInfoA
IsDebuggerPresent
HeapFree
GetStartupInfoA
GetLocaleInfoW
InterlockedExchange
HeapAlloc
GetThreadLocale
EnumResourceTypesA
GetVersionExA
SetUnhandledExceptionFilter
RaiseException
QueryPerformanceCounter
GetPrivateProfileIntA
CreateProcessA
VirtualProtect
MulDiv
TerminateProcess
GetTempPathA
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcess
GetTempFileNameA
TlsFree

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ