ccc098c32b2f8d8bf219f2b2417f0967_JaffaCakes118 | Triage

Sharing

General

Target

ccc098c32b2f8d8bf219f2b2417f0967_JaffaCakes118
Size

177KB
MD5

ccc098c32b2f8d8bf219f2b2417f0967
SHA1

b0b5297e4cc1797230890c46433f22a5d7c9042a
SHA256

9e797e2a0e977ca727e298287a90a223d40a950f4a7126af1fbdf99e03e39b46
SHA512

67dfe74c2e98e57af134f5e50c95fdb500f5c1880a99087dbc4191cb2249d2f865a68b638b9fcceaf557487cd69746389f0819b617c91bd7b1929ec64efca38e
SSDEEP

3072:NFPzJiOI/uXX2IQO3FT4HBV836ixVe4ZojZMWutBSkaB8pP:XPzMOGuv9TIV83hbebjqWutBSka

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ccc098c32b2f8d8bf219f2b2417f0967_JaffaCakes118

Files

ccc098c32b2f8d8bf219f2b2417f0967_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a265de546f3fb10a6966b7367c9dad61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetDefaultContext
CoTaskMemAlloc
CoInitialize
StringFromGUID2
CoUninitialize
CoTaskMemFree

kernel32

GetProcessId
GetCalendarInfoW
LocalFree
LocalAlloc
WideCharToMultiByte
InterlockedExchange
SetEnvironmentVariableW
GetProcAddress
GetModuleFileNameW
OutputDebugStringA
VirtualQuery
GetModuleHandleW
GetCurrentProcess
FreeLibrary
MultiByteToWideChar
GetCurrentDirectoryW
GetModuleHandleA
lstrcmpiW
EnumResourceNamesA
GetCurrentThreadId
SetLastError
GetLastError
InitializeCriticalSection
GetFileAttributesW
SearchPathW
VirtualProtect
CreateDirectoryW
DuplicateHandle
ExitProcess
lstrlenW
OutputDebugStringW
GetFileInformationByHandle
Sleep

gdiplus

GdipGetImageWidth
GdipDisposeImage

shlwapi

SHRegGetValueW
PathIsUNCW
PathSkipRootW
PathGetArgsW
StrDupW
PathFindFileNameW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ