cfb391cae132bb95186a782004b1f675_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfb391cae132bb95186a782004b1f675_JaffaCakes118
Size

157KB
MD5

cfb391cae132bb95186a782004b1f675
SHA1

4dff50664912e902cea83644af9291d729d35806
SHA256

f3da2c8a8c4bb0fbc4c0adccb2a198ae655158e737bb3565d933e81c59988b0c
SHA512

b92aa97d00e1a342e36ae69e082735b9e726b136a9b4304d944f805f2d4894af2c423a539fea6b457ae98d8b28e633481c80f33e489193b361cb70aea1f0db48
SSDEEP

3072:C/Ahrl5se2EbrKXKjMg4zAogGcn60ydBFHG8Uousl/krI6YcIe38qnx:C4h55se2nXSnTogGc60yPFm8UZI6fxx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfb391cae132bb95186a782004b1f675_JaffaCakes118

Files

cfb391cae132bb95186a782004b1f675_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3065158fcc6a81418ce1603152542de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor
GetBkColor
GetMapMode
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
GetStockObject
CreatePatternBrush
DeleteDC

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoAllowSetForegroundWindow
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleW

kernel32

GetLocaleInfoW
ExpandEnvironmentStringsA
GetCurrentThread
LZOpenFileA
CreateProcessA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarUI4FromDec
SysFreeString

Sections

.text
Size: 109KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ