Static task
static1
Behavioral task
behavioral1
Sample
ac6853178af159d1abfa28aa1645b095_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ac6853178af159d1abfa28aa1645b095_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ac6853178af159d1abfa28aa1645b095_JaffaCakes118
Size
166KB
MD5
ac6853178af159d1abfa28aa1645b095
SHA1
ee7ae76dda5ea2e22be1005d00221ee2be436d12
SHA256
90c3838f6a9c2d06ebf86e7ad6223368a8d0fe0399c2f131eee7d811049db19a
SHA512
d1064b744d3aca5d8cc593c92e368bc1ab33e1f3416b8206b41e0db25ab859e81877914c6c85a6eb3453c1d6061fb95b43960e2b8dd8c78205b112c9863c7f55
SSDEEP
3072:OLX9ibp1T0yVnptIIUrtuhuD7uQD1u57qvVpFMLe9i/mpbtzi7dXgKgR1CO:OBEp/P3/wD7ut57nAi/mpbtmpXa1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac6853178af159d1abfa28aa1645b095_JaffaCakes118
Files
ac6853178af159d1abfa28aa1645b095_JaffaCakes118.exe windows:4 windows x86 arch:x86
20244028c2061ed1b42175dc562e50c3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathRemoveFileSpecW
PathAppendW
PathCombineW
SHGetValueW
PathFileExistsW
kernel32
GetCalendarInfoA
GetPriorityClass
CreateFileW
GetProcessAffinityMask
FindResourceExW
LockResource
EnumResourceNamesA
SetFilePointerEx
FindFirstFileW
GetLocalTime
GetCurrentDirectoryW
ExitProcess
FlushInstructionCache
SetCurrentDirectoryW
LoadResource
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ