6ffba9cf6b79c8250514c34b0214b6dc_JaffaCakes118 | Triage

Sharing

General

Target

6ffba9cf6b79c8250514c34b0214b6dc_JaffaCakes118
Size

958KB
MD5

6ffba9cf6b79c8250514c34b0214b6dc
SHA1

2164f0e34b657829c8013d8e26bdbc536fc41276
SHA256

8ca6984b472401ab675f7f051d96febb4f33c7e8b7b51124a38d939c987b8e8b
SHA512

f8437e74350ef5d2221e1f3d0bc8d9de606c67dd4aebfc16104aaa8431ecf8ef5ad386e8a1d16fa91b15c3780aa89763c0bdb100b29d5ef3d87d1a1b97be0669
SSDEEP

24576:7K1+dnJMA/4cwy3VPmXDnDoKTAX2jSS4NV:G1g/S4dSDnGhpNV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ffba9cf6b79c8250514c34b0214b6dc_JaffaCakes118

Files

6ffba9cf6b79c8250514c34b0214b6dc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

23f5f9812a9bfabbc5c9c22db15ace7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibProfileDisplay
ICRemove

kernel32

GetACP
GetThreadLocale
FreeResource
FindNextFileW
GetFullPathNameW
EndUpdateResourceW
CloseHandle
GlobalAlloc
ReadFile
UpdateResourceW
GetVersionExW
LoadLibraryExW
GetModuleHandleA
GetEnvironmentVariableA
ExitProcess
GetVersion
WideCharToMultiByte
FreeLibrary
RaiseException
GlobalFree
LoadLibraryExA
LocalFree
GetOEMCP
SetFilePointer
InterlockedExchange
InterlockedCompareExchange
GetFileInformationByHandle
GetLocaleInfoA
BeginUpdateResourceW
FindClose
GetSystemDirectoryA

ole32

CoInitialize
CLSIDFromString
StringFromIID
StringFromCLSID
CoUninitialize
CoCreateInstance
CoTaskMemFree

imagehlp

ImageNtHeader
ImageGetDigestStream
ImageDirectoryEntryToData
ImageRvaToVa

user32

CharNextA
CharNextW
wsprintfW

Sections

.text
Size: 565KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ