a66098dec1085d0275e3fd59927270fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a66098dec1085d0275e3fd59927270fa_JaffaCakes118
Size

192KB
MD5

a66098dec1085d0275e3fd59927270fa
SHA1

384122ec977563cb2cbcde7a347855e5b99a9262
SHA256

f12d10518dad2ef72a0d42871ac4b5c9b9af1d4cb54f85f7d3ffde593fe71f0c
SHA512

273fee49a2963404f1bf7d8b6d3b5f3e376ebdb71fc59c42a120ea0dc50f121134371b7531c21584ff68cc276126f39d9d3a74a2c43de33a4afb1ae558a685a0
SSDEEP

6144:0sKOV1//mXTS3JNaYliJoMUlwbR7xMvh:lKOn/mDYWoMUlwb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a66098dec1085d0275e3fd59927270fa_JaffaCakes118

Files

a66098dec1085d0275e3fd59927270fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbaa99545b2072c838b1d7e8b6da0058

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCloneImage

ole32

OleTranslateAccelerator
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

kernel32

GetFileType
GetConsoleCP
QueryPerformanceCounter
GetLocaleInfoA
WriteConsoleW
QueryMemoryResourceNotification
GetProcessHeap
HeapFree
FlushFileBuffers
GetVersionExW
GetFullPathNameW
HeapAlloc
UnmapViewOfFile
MapViewOfFile
EnumResourceTypesW
GetStringTypeA
InterlockedIncrement
ExitThread
HeapFree
GetCommandLineA
WriteConsoleW
GetStringTypeW
HeapAlloc
GetPrivateProfileSectionNamesA
GetVersionExA
CreateFileA
GetConsoleMode
GetVersionExA
GetEnvironmentVariableW
UnhandledExceptionFilter
GetStartupInfoA
CreateFileMappingA
GetStdHandle

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ