c06e1f1cc8b41d2662accefdeb647e46_JaffaCakes118 | Triage

Sharing

General

Target

c06e1f1cc8b41d2662accefdeb647e46_JaffaCakes118
Size

277KB
MD5

c06e1f1cc8b41d2662accefdeb647e46
SHA1

466a8a4d65ebcc53b918400e203004802ae6e983
SHA256

9d1b86c49f0935b288ec983433b75b0ad677d2cf528967ac77e5bff55fbcf1b1
SHA512

d108d53d3a630f46ea334badb2a34f3ec367af974c42d77926fabb4bafd74397c00d2e033411213186fe75ea1eccf2ae15783ed433ba01f80fe8d7b182f36251
SSDEEP

6144:LEtGL2CvkyjIWpa90mOoDst8eLhQT/Dnov3evYPNTR8jM5dhQM:5LWyjI0MGe4Id6d8jM3hQM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c06e1f1cc8b41d2662accefdeb647e46_JaffaCakes118

Files

c06e1f1cc8b41d2662accefdeb647e46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3985e187b5177f6d2b411191ecc13f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
VirtualAlloc
VirtualFree
GetCommTimeouts
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
HeapDestroy
GetVersionExA
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentThreadId
GetLastError
LocalFree
GetVersionExW
HeapFree
HeapReAlloc
HeapAlloc
FindResourceExW
FindResourceW

oleaut32

OleSavePictureFile
SysAllocStringByteLen
SafeArrayUnaccessData
SysReAllocStringLen
OleLoadPictureFileEx
ClearCustData
OleLoadPictureFile

msvfw32

ICInfo

Sections

.text
Size: 174KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ