f459120dbaf13bba31e468000acf914e_JaffaCakes118 | Triage

Sharing

General

Target

f459120dbaf13bba31e468000acf914e_JaffaCakes118
Size

181KB
MD5

f459120dbaf13bba31e468000acf914e
SHA1

f93f142ac0ec160314e474b4c43466d9a3d6f8c9
SHA256

b668c2c9abf831b3e4996cab451136b3f31bde043c58a1a8dab7eec9c39ba695
SHA512

e53ce5b6025e545280ceeda09502ab138ff455751866489881a3b2b33f02b7c38814fecbe669fd5f756beca5c2dc7b722ae1e30d3485974e87a40135546f4818
SSDEEP

3072:vz/zHKv0tkAeX/y8p8xqIoV3gTLe3Xgk5FS+4+Gy5t56Wzf95:b7HKukpPyM8xqIotALe3weFs+54W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f459120dbaf13bba31e468000acf914e_JaffaCakes118

Files

f459120dbaf13bba31e468000acf914e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

162ff8e3f20ba1789510828e31a7c4dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoGetMalloc
CoInitialize
CoUninitialize
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree

kernel32

GetFileAttributesW
GetCalendarInfoW
SetLastError
GetModuleFileNameW
SearchPathW
lstrcmpiW
FreeLibrary
WideCharToMultiByte
GetModuleHandleW
GetCurrentProcess
OutputDebugStringA
VirtualQuery
InterlockedExchange
LocalAlloc
GetCurrentDirectoryW
ExitProcess
GetCurrentThreadId
GetProcessId
GetProcAddress
EnumResourceNamesA
OutputDebugStringW
GetModuleHandleA
VirtualProtect
DuplicateHandle
SetEnvironmentVariableW
InitializeCriticalSection
LocalFree
GetFileInformationByHandle
lstrlenW
GetLastError
MultiByteToWideChar
CreateDirectoryW
Sleep

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ