Static task: static1
Behavioral task: behavioral1
Sample: 12db771eaa590e7bca7d6f146836d499_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 12db771eaa590e7bca7d6f146836d499_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 12db771eaa590e7bca7d6f146836d499_JaffaCakes118
Size: 193KB
MD5: 12db771eaa590e7bca7d6f146836d499
SHA1: c5863403ee35968c8ff47d0b4854640f04b50163
SHA256: 7175f39e8e1d36424c4c98531a423b7ccedc9607b683e1274f2e6b34359898c0
SHA512: 3b2b5ec72cc40913bfe9e10edbb047508ab6576abc21ed97d85e8ce98dd41f859d8c427c1330ef1102cfc78f9049d875d024e6917af8b76c9578b9311504f047
SSDEEP: 3072:y9fJOJ0ZFXoKetJEXVsAromdT0slsofctfjbXKpJK+XcXUHvFAJZ57Mien:6fAeFXCtJgqS9fSj7KXRXvqf5E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12db771eaa590e7bca7d6f146836d499_JaffaCakes118
Files
12db771eaa590e7bca7d6f146836d499_JaffaCakes118.exe windows:4 windows x86 arch:x86
6998faccdb9de7ea5b42b7f3d401bafe
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleTranslateAccelerator
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
wininet
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
winmm
timeGetTime
timeSetEvent
kernel32
LCMapStringW
GetSystemInfo
SetFirmwareEnvironmentVariableA
DeleteCriticalSection
LCMapStringA
GetModuleHandleA
GetProcAddress
LocalFree
LeaveCriticalSection
EnumResourceTypesW
SetStdHandle
InitializeCriticalSection
LoadLibraryA
GetShortPathNameW
GetLastError
LocalAlloc
EnterCriticalSection
GetStringTypeA
gdiplus
GdipCloneImage
Sections
.text Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ