a3f038abddf6f512d19e6fc54e522c6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3f038abddf6f512d19e6fc54e522c6e_JaffaCakes118
Size

172KB
MD5

a3f038abddf6f512d19e6fc54e522c6e
SHA1

4f9d10af166df8dfa32e1e0dd697e721d5a7c939
SHA256

025be7959d1e2aff2dba644c74a3174efdc4362cc776e2e666af17752060c967
SHA512

6e63daccc50e14db61a022adac36417ba19df47de21a4ac5a8b559cc1d5abc4bb50565a855dd7c1b09b5f986b4af8014078bfd8ed5187cb7bd1769d3bbab75cc
SSDEEP

3072:N/QjN6MyAallxqAhCCadMN+x6CMmKGeritwkRY+7leZyWheJdQwy1Bx:NYZMHUHZICMmKJWhRY+7oZyMGQfBx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3f038abddf6f512d19e6fc54e522c6e_JaffaCakes118

Files

a3f038abddf6f512d19e6fc54e522c6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d0a29f05b6018414bbc0a0d7f24ef6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

gdi32

SelectObject
GetDeviceCaps
DeleteObject
GetTextExtentPointA
GetTextMetricsA
CreateFontIndirectA

kernel32

EnterCriticalSection
MultiByteToWideChar
HeapSize
GetCPInfoExW
DeleteCriticalSection
GetLocaleInfoA
GetStartupInfoA
RaiseException
GetCPInfo
InterlockedIncrement
GetThreadLocale
GetEnvironmentStrings
GetEnvironmentStringsW
lstrlenW
EnumResourceTypesA
QueryPerformanceCounter
GetTickCount
GetOEMCP
WriteFile
UnhandledExceptionFilter
GetLastError
GetACP
TlsSetValue
FreeEnvironmentStringsA
SetHandleCount
InterlockedExchange
InitializeCriticalSection
FreeEnvironmentStringsW
GetCommandLineW
LeaveCriticalSection
WideCharToMultiByte
GetFileType
GetVersionExA
GetStdHandle
TlsGetValue
GetCurrentProcessId

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ