Static task
static1
Behavioral task
behavioral1
Sample
f2d55373f678db8e11ce01fc35921f47_JaffaCakes118.exe
Resource
win7-20240729-en
General
Target
f2d55373f678db8e11ce01fc35921f47_JaffaCakes118
Size
272KB
MD5
f2d55373f678db8e11ce01fc35921f47
SHA1
4b16fd5140a16a565d4b12aeef9bfc31348d3a04
SHA256
c9977c76e3b51d230d8795a9837967dc8768fea0875b5ab03685bdf7f62f40ee
SHA512
841633d54eba4b4484a9a8d72ccafbab4864c01410497ac40f15e07e140b38e8d197c77044c0f1a93e8b6a4d09e2ad9c6fe55bdf91a0b5f9e312c14861b3be02
SSDEEP
6144:LUO/fRlL7DZ1eaMICtZW3dierwWh4xQwgGXxOaHaYfRU/5fE:LXZDuW3dinOwgqOaHaIG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f2d55373f678db8e11ce01fc35921f47_JaffaCakes118
Files
f2d55373f678db8e11ce01fc35921f47_JaffaCakes118.exe windows:4 windows x86 arch:x86
81d756cf64dcf818976420c025ecaf04
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
TlsAlloc
HeapReAlloc
HeapDestroy
SetLastError
VirtualFree
GetCurrentProcessId
VirtualQuery
HeapCreate
VirtualAlloc
EnumSystemLanguageGroupsW
GetWriteWatch
HeapAlloc
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
TlsFree
shell32
SHGetMalloc
SHChangeNotify
SHGetPathFromIDListW
shlwapi
PathAddBackslashW
oleacc
CreateStdAccessibleObject
AccessibleChildren
winmm
mciSendCommandA
user32
LoadStringA
GetDlgItem
SetWindowTextA
LoadImageA
CreateWindowExA
DestroyIcon
GetWindow
GetParent
Sections
.text Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 199KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ