Static task: static1
Behavioral task: behavioral1
Sample: cd1f60e33e97cfd8666442bbb73d61d6_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: cd1f60e33e97cfd8666442bbb73d61d6_JaffaCakes118
Size: 184KB
MD5: cd1f60e33e97cfd8666442bbb73d61d6
SHA1: ef28dc487c4664fd5cc71bbbba2bd2d2af3ec991
SHA256: ca64ef74f5424656bc57a9131651785a69001634d0af0b1280c9101be48fcae5
SHA512: 74ee00cf1026061c9bd9d1e8f6c21f6ceb626a80efcb73773b004376a8ffa3571e3dbed77c6af2f430ff8ffbcf084438a2cdabb4fd1465d8ac3fca0dcd38cc66
SSDEEP: 3072:ZCo+5CqpKED6/yn+fz4d1urm7t0Mzkwt5ySg3hnPUJMEFwsrwQ3nqIKqKzEc2XP:Za3pX/+fzYEr2t3zkwtgJxIz9r3nqIKh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cd1f60e33e97cfd8666442bbb73d61d6_JaffaCakes118
Files
cd1f60e33e97cfd8666442bbb73d61d6_JaffaCakes118.exe windows:4 windows x86 arch:x86
73f9d2384a8579cf2862bf5f430bd254
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
  GdipCloneImage
ole32
  OleSave
  StringFromGUID2
  CoTaskMemAlloc
  CoTaskMemFree
  CoCreateInstance
  CoTaskMemRealloc
kernel32
  SetFirmwareEnvironmentVariableW
  LoadLibraryA
  DeleteCriticalSection
  LCMapStringA
  LeaveCriticalSection
  LCMapStringW
  InitializeCriticalSection
  EnterCriticalSection
  EnumResourceTypesA
  GetProcAddress
  SetStdHandle
  GetLongPathNameA
  GetModuleHandleA
  LocalFree
  GetSystemInfo
  LocalAlloc
  GetLastError
  GetStringTypeA
wininet
  InternetReadFile
  InternetOpenA
  InternetOpenUrlA
  InternetCloseHandle
winmm
  timeGetTime
  timeSetEvent
Sections
.text Size: 115KB - Virtual size: 115KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 65KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 376KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ