bb1c17fa9023b65d33991bfc7e3a1d71_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb1c17fa9023b65d33991bfc7e3a1d71_JaffaCakes118
Size

204KB
MD5

bb1c17fa9023b65d33991bfc7e3a1d71
SHA1

3e41079da4a6ce715fe68c3024a214def1b2d1b5
SHA256

d813d3ec61174045969898ae63954e6605c82abc15137c269a4c8503625071e5
SHA512

34208db45adbd534a530cf4537670eaa888103dc2e0ae874144dcdb0176af5c4095b1a4d47d4a8da3c5bef243d07146fca764ed63bbeff5d83d8da40a3c673e4
SSDEEP

3072:AdJDtynOLisLGnDu6Nq8mo+j9KPyCv4YQrdy6AyMyF0D9LoK0LR4ar:AnDfvCD7fo9KPyFLdVMymD9oXr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb1c17fa9023b65d33991bfc7e3a1d71_JaffaCakes118

Files

bb1c17fa9023b65d33991bfc7e3a1d71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8337c29fec4c5fc0a036f6b0298ebe8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

gdi32

GetTextMetricsA
DeleteObject
GetDeviceCaps
SelectObject
GetTextExtentPointA
CreateFontIndirectA

msimg32

AlphaBlend
TransparentBlt

kernel32

GetVersionExA
GetCPInfoExW
UnhandledExceptionFilter
LeaveCriticalSection
GetStartupInfoA
GetEnvironmentStrings
GetACP
GetThreadLocale
EnterCriticalSection
RaiseException
QueryPerformanceCounter
FreeEnvironmentStringsA
GetStdHandle
FreeEnvironmentStringsW
WideCharToMultiByte
EnumResourceTypesA
GetCPInfo
MultiByteToWideChar
InterlockedIncrement
GetEnvironmentStringsW
GetTickCount
HeapSize
GetOEMCP
DeleteCriticalSection
GetLocaleInfoA
TlsGetValue
LoadLibraryW
lstrlenW
SetHandleCount
InitializeCriticalSection
GetLastError
GetFileType
InterlockedExchange
TlsSetValue
WriteFile
GetCurrentProcessId

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ