77e0448091a9b772af291117419c80eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77e0448091a9b772af291117419c80eb_JaffaCakes118
Size

145KB
MD5

77e0448091a9b772af291117419c80eb
SHA1

02bd410e90ab624797cc3ad2948c8b47c5585d1f
SHA256

d024c44ac6f1e2f00ae52d76fe9ea337c41cf146b3421076bad9a2865b2993f5
SHA512

e13523467ff22ce69e3e1d5aa41c41a8165265fa3824b28d1df3b041147fad80030176c0e027aad1422585b33ae4643d2d036afbf668c3d8ce3362d52a5a954d
SSDEEP

3072:zvdKFiej5Gk0jfIlo51nLt4AHWFYVoleevZA7KsM7n:zvdKJ5GkHo51mKrVolVvZkzWn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77e0448091a9b772af291117419c80eb_JaffaCakes118

Files

77e0448091a9b772af291117419c80eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75f18fff466f03192d664c2adc2698cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor
GetBkColor
GetMapMode
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
GetStockObject
CreatePatternBrush
DeleteDC

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoAllowSetForegroundWindow
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleW

kernel32

GetLocaleInfoW
ExpandEnvironmentStringsW
GetCurrentThread
LZCopy
CreateProcessW
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW

oleaut32

OleLoadPictureEx
GetRecordInfoFromTypeInfo
VarI4FromDec
SysFreeString

Sections

.text
Size: 75KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ