Static task: static1
Behavioral task: behavioral1
Sample: f582ccbfd1bdc53b2d8ab5903d94311b_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f582ccbfd1bdc53b2d8ab5903d94311b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f582ccbfd1bdc53b2d8ab5903d94311b_JaffaCakes118
Size: 174KB
MD5: f582ccbfd1bdc53b2d8ab5903d94311b
SHA1: df890c8cc675c1942aafe8e069f16be9ce62665e
SHA256: 59f84bf9ccd8f2184ace12f3b81157c5b8e2ca8e6217986e1f2d238365e379d1
SHA512: 26859b88c32370647d6cb276445a5a8a893b0c2c62824f48d2ccadedd3ba3298aa024378cbe83240d9da6dc2e0aafb6b4df28c62870093c08aef2e310e4e4ad7
SSDEEP: 3072:OVkLNhwBw/y7p5gxUyHtfJdt28biurT6htKGo0HCbMx38AD0izJ:OVCNhwBwa7sxUcXt2Gl8tno7WF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f582ccbfd1bdc53b2d8ab5903d94311b_JaffaCakes118
Files
f582ccbfd1bdc53b2d8ab5903d94311b_JaffaCakes118.exe windows:4 windows x86 arch:x86
9b1dd58494c8cfb3075ec0a81aced462
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
msimg32
AlphaBlend
TransparentBlt
kernel32
UnhandledExceptionFilter
lstrlenW
GetCalendarInfoA
MultiByteToWideChar
TerminateProcess
CreateProcessA
GetCurrentProcess
GetACP
GetEnvironmentVariableA
HeapDestroy
EnumResourceNamesA
InterlockedExchange
GetLocaleInfoA
RaiseException
lstrlenA
GetModuleHandleA
IsDebuggerPresent
FindFirstFileW
GetThreadLocale
SetUnhandledExceptionFilter
WideCharToMultiByte
HeapAlloc
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 884B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ