Static task
static1
Behavioral task
behavioral1
Sample
a269e774639cbba1b22312e2f993f809_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a269e774639cbba1b22312e2f993f809_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: a269e774639cbba1b22312e2f993f809_JaffaCakes118
Size: 166KB
MD5: a269e774639cbba1b22312e2f993f809
SHA1: c6464fd3c7ff4b6bbcba46aa6ebd02b257af7374
SHA256: 523a59a2721c9951798a6f3b33d917fa28d722661769ff18728888dca93314ff
SHA512: 9cb265304e7a86b9e7f7e59efa9d03ef0dcdeac428d74e788c39e117fa37a3e8be405a9bfa898b7b33f8302d8ae865b475cbef9e6a60f1925725ffa15861f260
SSDEEP: 3072:0MN0BV68g6ARHbBQBY5j4tPdA3bj6vL9yc4A3rKXvp0xaglm1DtiF:0MkvHkSBYtKG3iz4HXB0x3lmni
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a269e774639cbba1b22312e2f993f809_JaffaCakes118
Files
a269e774639cbba1b22312e2f993f809_JaffaCakes118.exe windows:4 windows x86 arch:x86
36f6a1a65cef8d16cadeb8ec07587b5d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSave
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
wininet
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
winmm
timeGetTime
timeSetEvent
gdiplus
GdipCloneImage
kernel32
SetFirmwareEnvironmentVariableW
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LocalFree
LoadLibraryA
LeaveCriticalSection
SetStdHandle
GetProcAddress
LCMapStringA
EnumResourceTypesA
GetModuleHandleA
GetLastError
GetLongPathNameA
GetSystemInfo
LocalAlloc
LCMapStringW
GetStringTypeA
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ