c942bb7ab7a947ce09f5e59ba7eb5745_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c942bb7ab7a947ce09f5e59ba7eb5745_JaffaCakes118
Size

172KB
MD5

c942bb7ab7a947ce09f5e59ba7eb5745
SHA1

9d5c0db38e7fdfbd53d58fdd10f1979e9a116925
SHA256

cae68adee9339f4bbf9613baa11b9c734f84d1e7886504deb0541dcc9a351cd3
SHA512

ae58ab801523b68c7b2bd0a87b8a8b95a436853b81800bb2920fffe76dfa56304204e6949ba62ccefd3cd1a44261395352b0c3a616abff678346467fd57da962
SSDEEP

3072:m5kWEKRxsko68yKToPW+Nb5sS05Jjox2DTGgKetin01hunL:mT5o6zq0b/qox/g1k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c942bb7ab7a947ce09f5e59ba7eb5745_JaffaCakes118

Files

c942bb7ab7a947ce09f5e59ba7eb5745_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7963398a23f0c13b347d5a8b31163f66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICClose
ICOpen
ICSendMessage
ICDecompress

kernel32

LocalFree
GetProcAddress
GetShortPathNameW
LoadLibraryA
GetProcessTimes
IsDebuggerPresent
GetCurrentProcessId
InitializeCriticalSection
CreateFileA
EnumResourceTypesA
GetCurrentThreadId
ExitProcess
CloseHandle
GetModuleHandleA
SetUnhandledExceptionFilter
DeleteCriticalSection
GetLastError
UnhandledExceptionFilter
GetVersionExA

ole32

StgCreateDocfile
StgOpenStorage

user32

wsprintfA
wsprintfW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ