ae2411f4bbce08b5a4605ee5385703d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae2411f4bbce08b5a4605ee5385703d6_JaffaCakes118
Size

167KB
MD5

ae2411f4bbce08b5a4605ee5385703d6
SHA1

422c0c2c234b64d499a89cdb9ca16904d5daef20
SHA256

d6027b2b9bb88b8416be18df3d35b9b86a9c1e0bb66fc62543c2aa75490ef418
SHA512

63bb8514cc86812ded51122c7c334466056336a9f8c24b26105a64c22c5d935ca21c0a9bcf23aeb7e839086929a359d41bb263d0a5a835fd1e3bbc7811c7ef10
SSDEEP

3072:Rd9cLjz0WoN0q8isxIT8ij6Cz9zln6SOd7DumJQk9VOqLBGPvEun8QGPMYgC:Rd9WIWo4rijHzkvumaSMq4Psc8FT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae2411f4bbce08b5a4605ee5385703d6_JaffaCakes118

Files

ae2411f4bbce08b5a4605ee5385703d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a2e3fb5fbaa7964cddca0add9690608a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

kernel32

GetCPInfoExW
QueryPerformanceCounter
GetEnvironmentStringsW
GetLastError
GetEnvironmentStrings
InterlockedExchange
GetOEMCP
lstrlenW
MultiByteToWideChar
SetHandleCount
HeapSize
GetVersionExA
FreeEnvironmentStringsW
GetThreadLocale
InterlockedIncrement
UnhandledExceptionFilter
GetStartupInfoA
GetCPInfo
GetLocaleInfoA
EnumResourceTypesA
GetACP
WriteFile
WideCharToMultiByte
GetFileType
GetCommandLineW
EnterCriticalSection
DeleteCriticalSection
RaiseException
TlsGetValue
InitializeCriticalSection
GetTickCount
TlsSetValue
FreeEnvironmentStringsA
GetStdHandle
LeaveCriticalSection
GetCurrentProcessId

gdi32

GetTextMetricsA
SelectObject
GetDeviceCaps
GetTextExtentPointA
DeleteObject
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ