a6dc1a5aab7d6fa61553175b4d54c872_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6dc1a5aab7d6fa61553175b4d54c872_JaffaCakes118
Size

358KB
MD5

a6dc1a5aab7d6fa61553175b4d54c872
SHA1

84ae3256dc0b47dcef6d0ffbb6a00db18175bb68
SHA256

94963e1e7294f6cda26c837894fd202bccace9edc2f10f519392aa73bf4826b3
SHA512

9babeb75361275d182a849648863710e61ad867ae75394959f8b7b9b5a4f4595f3118e8d5f28a544ddb8e2aac52f0b4ede05fc0d37d4d45dfb796ab27db2bafd
SSDEEP

6144:9apb2UFYTdgv96rT/FFw85YMlOG/XPpcQcyDbujpfYzsK1M/mcV35uElo2ER86Oc:Uh+pgvIH/GenZcQ1QYz3g5H5EaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6dc1a5aab7d6fa61553175b4d54c872_JaffaCakes118

Files

a6dc1a5aab7d6fa61553175b4d54c872_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e31da9913b579477f2a01abc7b830faf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeLibrary
GetProcAddress
EnumCalendarInfoA
LoadLibraryW
WideCharToMultiByte
DeleteFileW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree

oleaut32

SafeArrayDestroyDescriptor
GetErrorInfo
VarFormatNumber
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 248KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE