f06ee4db0830cab0c5b2c8e0ad23aa3e_JaffaCakes118 | Triage

Sharing

General

Target

f06ee4db0830cab0c5b2c8e0ad23aa3e_JaffaCakes118
Size

170KB
MD5

f06ee4db0830cab0c5b2c8e0ad23aa3e
SHA1

a6666e7d77f3abb99a17220de03fc1ca7702785f
SHA256

45ac4b5b15f0476637ea360d75fc0b6bd651e805ab69968b348472eec83beb2b
SHA512

fd7fc3d621374bc956554402b6b95a3dc9fc0b980e135e5bd3bc7602406a36bdaa9469df72cdcbde1d99ba7fdf31f3584c88f3d9297b5302af336aa326d1fc98
SSDEEP

3072:8S93wVMfq320RjDp0hJ8lqqtsq5DmQJFrKAD4foSmlbT:7lYRtRjDq/6GcFrKADconlP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f06ee4db0830cab0c5b2c8e0ad23aa3e_JaffaCakes118

Files

f06ee4db0830cab0c5b2c8e0ad23aa3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

668f64dce03b511cfacacd3283969cd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
LocalAlloc
LocalFree
GetFileAttributesW
GetProcAddress
GetFileInformationByHandle
GetLastError
OutputDebugStringW
DuplicateHandle
GetCurrentProcess
GetModuleFileNameW
CreateDirectoryW
InterlockedExchange
SetLastError
ExitProcess
GetModuleHandleA
lstrlenW
GetCurrentDirectoryW
EnumResourceNamesA
SearchPathW
SetEnvironmentVariableW
WideCharToMultiByte
VirtualProtect
lstrcmpiW
InitializeCriticalSection
OutputDebugStringA
MultiByteToWideChar
GetCurrentThreadId
FreeLibrary
GetModuleHandleW
VirtualQuery
GetProcessId
Sleep

shlwapi

PathGetArgsW
SHRegGetValueW
PathIsUNCW
StrDupW
PathSkipRootW
PathFindFileNameW

ole32

CoGetDefaultContext
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ