Static task: static1
Behavioral task: behavioral1
Sample: 75977bb2dab33af9edb71a7955a02be8_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 75977bb2dab33af9edb71a7955a02be8_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target
75977bb2dab33af9edb71a7955a02be8_JaffaCakes118
Size
163KB
MD5
75977bb2dab33af9edb71a7955a02be8
SHA1
542fbf1f7ab372c6aa81a54cd909f23799fa3034
SHA256
fc039ad666ee795afe5e234da61a983691510ad7c33f2c901fd60a59509db92b
SHA512
6ffe0aceedf17703a3813bd111be128ee01b6fc6cd340d04539b80b992367536ee7291061ce3b3f95be356d70c073ef1f8b34e6303e9bb41a7b9da8d261cf85e
SSDEEP
3072:bG3TIkGjKhx+s+u0OGc8dMKAPmGyJFXMOSf7lbwn1JZWY+pBH:K3MkGjOx+qFk95emvZWYs
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 75977bb2dab33af9edb71a7955a02be8_JaffaCakes118
Files
75977bb2dab33af9edb71a7955a02be8_JaffaCakes118.exe windows:4 windows x86 arch:x86
8d0a53638bcde691228d81e2ba2ba0c0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCalendarInfoA
SetCurrentDirectoryW
FlushInstructionCache
FindResourceExW
CreateFileW
GetLocalTime
LockResource
EnumResourceNamesA
ExitProcess
FindFirstFileW
GetPriorityClass
GetCurrentDirectoryW
SetFilePointerEx
GetProcessAffinityMask
LoadResource
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathAppendW
PathCombineW
SHGetValueW
PathRemoveFileSpecW
PathFileExistsW
Sections
.text Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ