6ef5711641efa696ffee4f72287b205c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ef5711641efa696ffee4f72287b205c_JaffaCakes118
Size

189KB
MD5

6ef5711641efa696ffee4f72287b205c
SHA1

e2dfa1f4beb01e64bdab1641946be8778c126caf
SHA256

0dd13949e8136408cba712d5991c6f6076878c43ecd8b39f93ebc8b4234c3ea6
SHA512

b13fce5c6e144018b7b8a96a7a572162bf3e612f88f438c6c91b162dbb5a5ef80cf4f35b20c1e16f0c4b0784b34d7d0859dd34353dd7e342bbf0a6c55dc29b34
SSDEEP

3072:l8KB1rYFHNxgQi/duFU8i51o4cc0ZBN760x9cgxAeDwjPPLomnJPrgJpkA/J:XB1rYFHzgQi/duU8iwIMGOeRTPLXuh/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ef5711641efa696ffee4f72287b205c_JaffaCakes118

Files

6ef5711641efa696ffee4f72287b205c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

268c126c8fb85dfc2939f24f2ff307e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleTranslateAccelerator
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

gdiplus

GdipCloneImage

winmm

timeGetTime
timeSetEvent

kernel32

MapViewOfFile
QueryMemoryResourceNotification
GetFileType
ExitThread
GetVersionExW
GetConsoleMode
CreateFileMappingA
GetLocaleInfoA
UnmapViewOfFile
WriteConsoleW
GetConsoleCP
HeapFree
QueryPerformanceCounter
GetStringTypeA
FlushFileBuffers
GetStartupInfoA
GetEnvironmentVariableW
GetVersionExA
EnumResourceTypesW
HeapAlloc
GetStringTypeW
GetCurrentDirectoryW
InterlockedIncrement
HeapAlloc
WriteConsoleW
GetVersionExA
HeapFree
GetProcessHeap
GetFullPathNameW
UnhandledExceptionFilter
CreateFileA
GetCommandLineA
GetStdHandle

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ