6f98e0fd25f7f30815ff97528e0da51d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f98e0fd25f7f30815ff97528e0da51d_JaffaCakes118
Size

353KB
MD5

6f98e0fd25f7f30815ff97528e0da51d
SHA1

2861c4ba40134e625ab4a870d5f96801a0b37daa
SHA256

49859f5765b1e35014d4ef0d1e034fca3b4e3a082ec59f6b01260bc5ff93d6ac
SHA512

65e4a93a3f8df1b4033df70281e6a4f4954ef0c82418de0e5e26b562eb78de36e63ec4d04349c75451f88f42441a48eb37aabe03c420a7fa4928b4af81e8316b
SSDEEP

6144:XHpwRw961lFno4RUsP9U7IjsJ+URV3WTbPzKTXKJvngp1iRw6oSYGfwPj07:MwAFHUNIjgjRV3gPzO6Jo1g5BYGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f98e0fd25f7f30815ff97528e0da51d_JaffaCakes118

Files

6f98e0fd25f7f30815ff97528e0da51d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e31da9913b579477f2a01abc7b830faf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeLibrary
GetProcAddress
EnumCalendarInfoA
LoadLibraryW
WideCharToMultiByte
DeleteFileW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree

oleaut32

SafeArrayDestroyDescriptor
GetErrorInfo
VarFormatNumber
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 228KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE