d5e21c7e4e38da25440dde05bd77252b_JaffaCakes118 | Triage

Sharing

General

Target

d5e21c7e4e38da25440dde05bd77252b_JaffaCakes118
Size

194KB
MD5

d5e21c7e4e38da25440dde05bd77252b
SHA1

09f7513476e57695ade71a788ed5671667974100
SHA256

762df47eebb891520784292b2a8d1b3be226cd07758d795dc4f92c64a08302cf
SHA512

9c854f8f3a1170ab2049eb4a1c4536659129edb8a4e731b44dc96271b4799450f19d0324cabe36b85c741f7137d12c662624178f9979af473b13304a424ccef8
SSDEEP

6144:ht15RY73OI0Gz5YWdUIckYzp8mDjyw/uQ:hBRaIMYMUIcrzWwjy7Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5e21c7e4e38da25440dde05bd77252b_JaffaCakes118

Files

d5e21c7e4e38da25440dde05bd77252b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4588b58a9178f31c9640e1ae02705361

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCloneImage

winmm

timeGetTime
timeSetEvent

ole32

OleTranslateAccelerator
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

kernel32

HeapAlloc
BeginUpdateResourceW
GetVersionExA
HeapFree
WriteConsoleW
GetStringTypeW
ExitThread
GetProcessHeap
UnhandledExceptionFilter
QueryPerformanceCounter
EnumResourceTypesW
GetFileType
GetLocaleInfoA
GetShortPathNameW
GetStartupInfoA
GetStringTypeA
GetCommandLineA
InterlockedIncrement
GetFullPathNameW
GetStdHandle

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ