af7577ef707b0e904b08dc94898f9f2b_JaffaCakes118 | Triage

Sharing

General

Target

af7577ef707b0e904b08dc94898f9f2b_JaffaCakes118
Size

181KB
MD5

af7577ef707b0e904b08dc94898f9f2b
SHA1

8f780cbf5d81c2381bc091e4c0a28ef43bc9486b
SHA256

c80e66e45b80ed4a3531bad7dd8b69a505019b5e8440766312853a4844e105c1
SHA512

1306fd04d869c40a7307c53c62d87a73451d4b21d5bd0e4c3bb68ccf17612b26f4cc70dc23704276978bba06a30b6f9b200b3301aeb7c59b40ea7ad86c42b50a
SSDEEP

3072:LmyEWwfoJFYz+YNqQtNGnvemjclZIvnRTOS6bQjuJV:Lm9BoJFCRw2MnveBSbjuJV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af7577ef707b0e904b08dc94898f9f2b_JaffaCakes118

Files

af7577ef707b0e904b08dc94898f9f2b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cec4359086325f74a11ae72c2053767f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrDupW
PathSkipRootW
PathIsUNCW
SHRegGetValueW
PathGetArgsW
PathFindFileNameW

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

InterlockedExchange
GetCalendarInfoW
DuplicateHandle
GetProcessId
GetCurrentDirectoryW
SetLastError
LocalAlloc
CreateDirectoryW
OutputDebugStringW
GetCurrentThreadId
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
SearchPathW
EnumResourceNamesA
LocalFree
OutputDebugStringA
lstrcmpiW
VirtualQuery
InitializeCriticalSection
GetFileInformationByHandle
GetModuleHandleW
SetEnvironmentVariableW
lstrlenW
GetFileAttributesW
VirtualProtect
GetLastError
GetCurrentProcess
GetModuleFileNameW
GetModuleHandleA
FreeLibrary
Sleep

ole32

CoGetDefaultContext
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ