Static task: static1
Behavioral task: behavioral1
  Sample: cfcfe6802b512ad6152f51ebe6e0985f_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: cfcfe6802b512ad6152f51ebe6e0985f_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: cfcfe6802b512ad6152f51ebe6e0985f_JaffaCakes118
Size: 347KB
MD5: cfcfe6802b512ad6152f51ebe6e0985f
SHA1: b03c1fbce92a5f136569cb3f1edf8692b7056c64
SHA256: 755c845d46378af2ff531cfbf24da90d8d6151e97354adba165170ee60a14552
SHA512: 65c5a16892cfb0d44c285efe6e77919dfb72fbf3db67cc839a522748a3dcdd5217fb18af326ff4fc22e536054d6e6cfd611e2982e5c71a91aad88f16f1864487
SSDEEP: 6144:Dr7/PBw8Vp8iRW0f2C0mthee2Sg96X9iJ8seZGOJQewN38lww7qlTl+rRQ9NcK:Df/S8VJRW0fF0mtheergCsnOWePyPTlK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cfcfe6802b512ad6152f51ebe6e0985f_JaffaCakes118
Files
cfcfe6802b512ad6152f51ebe6e0985f_JaffaCakes118.exe windows:4 windows x86 arch:x86
59c2690ff8e47d665d626b8cb5b9732a
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetModuleHandleW
  SetErrorMode
  CreateMailslotW
  EnumCalendarInfoExW
  FreeLibrary
  LoadLibraryA
  IsBadCodePtr
  UnhandledExceptionFilter
  GetEnvironmentStrings
  GlobalFlags
  GetWindowsDirectoryA
  VirtualQuery
  SetHandleCount
  LCMapStringA
  GetModuleHandleA
  GetTickCount
  InterlockedExchange
  LocalFree
  InterlockedDecrement
  LocalAlloc
  GetThreadPriority
  GetCurrentThreadId
  LockResource
  GetVersion
  CloseHandle
oleaut32
  VARIANT_UserFree
  CreateErrorInfo
  VarUI1FromUI8
  GetErrorInfo
  SetErrorInfo
  VariantInit
  SysFreeString
userenv
  RegisterGPNotification
  UnregisterGPNotification
Sections
.text Size: 218KB - Virtual size: 277KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 127KB - Virtual size: 126KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE