d41dcdd7584abdfcbbc34228cf150718_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d41dcdd7584abdfcbbc34228cf150718_JaffaCakes118
Size

176KB
MD5

d41dcdd7584abdfcbbc34228cf150718
SHA1

34c996299bcd21119a6434e97df5907bca62e00c
SHA256

370c5a47803691b7519981a096621980ec276eae455907fd51349312c3f226ed
SHA512

0ce8d053f84bd539cffab136472d2cc19765602f83f3a206548ec0510841d648d7f5a57475d917f97f1e613d57ce8ce23378aa0b16fb4ec117d7a59a397bb337
SSDEEP

3072:EWnqGIBGx9e2Ubuu+c1ntmBpRkAMXV6V88vIN0MxlhJZVq0b3fsZ5+MKsAse:wNcxA2mdc1kAMMV80MxlBsoY5Nh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d41dcdd7584abdfcbbc34228cf150718_JaffaCakes118

Files

d41dcdd7584abdfcbbc34228cf150718_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24e32d03f7a34ee572b8ab4cc1a8bdc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
RaiseException
EnterCriticalSection
GetCPInfoExW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetTickCount
FreeEnvironmentStringsW
GetThreadLocale
TlsSetValue
GetOEMCP
InitializeCriticalSection
LeaveCriticalSection
GetVersionExA
lstrlenW
EnumResourceTypesA
GetEnvironmentStrings
GetStartupInfoA
QueryPerformanceCounter
InterlockedExchange
FreeEnvironmentStringsA
MultiByteToWideChar
TlsGetValue
WideCharToMultiByte
GetLastError
SetHandleCount
GetCommandLineW
InterlockedIncrement
GetCPInfo
GetACP
DeleteCriticalSection
GetFileType
HeapSize
GetLocaleInfoA
GetStdHandle
GetCurrentProcessId

gdi32

SelectObject
GetTextExtentPointA
GetTextMetricsA
GetDeviceCaps
DeleteObject
CreateFontIndirectA

ole32

CoGetMalloc
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ