Static task
static1
Behavioral task
behavioral1
Sample
a238121d061d005d9e659b6ffda70fe3_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a238121d061d005d9e659b6ffda70fe3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a238121d061d005d9e659b6ffda70fe3_JaffaCakes118
Size
188KB
MD5
a238121d061d005d9e659b6ffda70fe3
SHA1
6486f185013d3988bb8962115ff10c43db3e8a31
SHA256
1368420bac18e96fded7404558240b932c9d1600c816f95f3c0ee63131924005
SHA512
88fb316bf7a8c6c183287f8d9141d2cd2a94cfc41c4a796f647ceb51a55c221fcf8a4bcf64a75cae185b3725760789870058c2c038277d2f9cf41abb6de13438
SSDEEP
3072:CYTr02ETLbwYC88DETt4XSrhcx0qLTMuLm2vL8ElBSBsL8TOz/6836Wmn:ZmwcRTS2hcuqLTMuTvDloBkyOz/666H
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a238121d061d005d9e659b6ffda70fe3_JaffaCakes118
Files
a238121d061d005d9e659b6ffda70fe3_JaffaCakes118.exe windows:4 windows x86 arch:x86
8b55febf0124bc4b87b25345f20f89a8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICClose
ICOpen
ICSendMessage
ICDecompress
user32
wsprintfA
wsprintfW
ole32
StgCreateDocfile
StgOpenStorage
kernel32
GetShortPathNameW
MultiByteToWideChar
IsBadWritePtr
GetCurrentThreadId
lstrlenW
GetLastError
GetThreadLocale
GetProcessTimes
LocalFree
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
GetProcAddress
UnhandledExceptionFilter
EnumResourceTypesA
WideCharToMultiByte
lstrlenA
ExitProcess
CloseHandle
GetModuleHandleA
GetCurrentProcessId
FreeLibrary
CreateFileA
InitializeCriticalSection
IsBadReadPtr
LoadLibraryA
GetVersionExA
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ