eb1ccf55e4d2eca9b18950de56f73d5b_JaffaCakes118 | Triage

Sharing

General

Target

eb1ccf55e4d2eca9b18950de56f73d5b_JaffaCakes118
Size

189KB
MD5

eb1ccf55e4d2eca9b18950de56f73d5b
SHA1

24e922a33d7633cb5ca663e369c6a91c07fb1666
SHA256

b3b28e866c281dfcc5c59976b95544659444b019a40e2693f4eec210c983884f
SHA512

15b84f9421a645db2f282f81c7c23b2a2480301a0dc5df04da7cc2204a8048945ce5e1fa9932a75306ba416e885f3dc299e09cce1334eaefb2ce8c4146d1f190
SSDEEP

3072:J00TiApT0yjqipyte+aJvlcSpQt1V1bjhiCnSWFuVLKV623FC72Ku1ciGE8c:J00XBNyETJtdiF1bjhimSNLKV621C72k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb1ccf55e4d2eca9b18950de56f73d5b_JaffaCakes118

Files

eb1ccf55e4d2eca9b18950de56f73d5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

962ef5d3b7088cd9e36b9f9a7c0ad313

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SearchPathW
GetCalendarInfoW
GetFileInformationByHandle
GetCurrentProcess
lstrcmpiW
CreateDirectoryW
InterlockedExchange
SetLastError
GetModuleHandleW
LocalAlloc
GetProcessId
GetProcAddress
lstrlenW
FreeLibrary
EnumResourceNamesA
GetCurrentDirectoryW
GetCurrentThreadId
SetEnvironmentVariableW
DuplicateHandle
InitializeCriticalSection
GetModuleFileNameW
GetFileAttributesW
OutputDebugStringA
VirtualQuery
MultiByteToWideChar
GetLastError
GetModuleHandleA
VirtualProtect
WideCharToMultiByte
LocalFree
OutputDebugStringW
Sleep

ole32

CoGetMalloc
CoUninitialize
CoTaskMemAlloc
CoInitialize
StringFromGUID2
CoTaskMemFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ