b13fd7506723d3742e715ee4eb884323_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b13fd7506723d3742e715ee4eb884323_JaffaCakes118
Size

1.5MB
MD5

b13fd7506723d3742e715ee4eb884323
SHA1

0f8de0a6331e32a6d90b7c5195b3393d34d4c0e8
SHA256

59ed99e85eac13ca2ef52ddc46e2ea2af863fb0e5b1e1a8f9c2ec3f6a322fefb
SHA512

0d671f8cebf3b7f2bfea76dcbe172f503ad4a699ce798bd51c3a06b8697765b0ebebdd28330f62b23e8b7c95b2108b937c70f4b4743b6c7de448a2f12d300977
SSDEEP

24576:EthPAMv+xitvTeZXUff+2Vr+u0Qyh6GY6AqAI6FNlOLr8hTAzaUcqLG1XvXLTU3k:xEJfm2xptY6z6AFkLYhTAaUPL2X/MKZ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b13fd7506723d3742e715ee4eb884323_JaffaCakes118

Files

b13fd7506723d3742e715ee4eb884323_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd2e4f056a6991f008a1e66c6cf8bada

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoGetMalloc
CoUninitialize
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CoTaskMemFree

kernel32

GetCalendarInfoW
IsDBCSLeadByte
GetVersion
GetCurrentProcessId
GetTempPathA
DeleteFileW
DeleteFileA
SetHandleCount
HeapSize
GetStartupInfoA
HeapDestroy
GetVersionExA
MultiByteToWideChar
GetTickCount
Sleep
GetNumberFormatA
ExpandEnvironmentStringsA
EnumResourceNamesA
QueryPerformanceCounter
GetStringTypeW
lstrcpynA
GetStringTypeA
WaitForSingleObject
HeapCreate
GetCPInfo
WideCharToMultiByte
GetFullPathNameW
GetCurrentProcess
GetLocaleInfoA
InitializeCriticalSection
ExitProcess
lstrcpynW
GetModuleFileNameA
CreateDirectoryA
FindResourceA
SystemTimeToFileTime
CompareStringA
GetFullPathNameA

Sections

.text
Size: 730KB - Virtual size: 729KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ