JaffaCakes118_68732f9345efdf593a745212d567d526 | Triage

Sharing

General

Target

JaffaCakes118_68732f9345efdf593a745212d567d526
Size

166KB
MD5

68732f9345efdf593a745212d567d526
SHA1

ef06f9e1a835ee10b901dfa7709fc1ca16553800
SHA256

4ffa2714749a783ce2b5aaefdf26845b145a1631b2c0c027e8406e838a1cf5ab
SHA512

9769036dd81365d4b0bda27bdc7cb2a0024682089a2a96b1f2c1bcb72e0b1b7e86a76d2b8a20a8811be25fcd61771a66b17c7d9b570cfa9e502fc68538c8fc98
SSDEEP

3072:NKv0qrbcezlnFcv5VgT4+YPTSHXY/bufobOAKQTKxDJnHI/K/:NW0EjmGlYPTSHXerbbKFx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_68732f9345efdf593a745212d567d526

Files

JaffaCakes118_68732f9345efdf593a745212d567d526
.exe windows:4 windows x86 arch:x86

6a469e33f859803fb293813623d0997b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

kernel32

HeapSize
GetCPInfoExA
GetEnvironmentStringsW
SetHandleCount
GetCPInfo
GetOEMCP
InterlockedIncrement
TlsSetValue
MultiByteToWideChar
GetLastError
UnhandledExceptionFilter
WideCharToMultiByte
GetACP
InterlockedExchange
FreeEnvironmentStringsA
GetStdHandle
GetVersionExA
GetThreadLocale
EnumResourceTypesA
WriteFile
RaiseException
FreeEnvironmentStringsW
GetStartupInfoA
GetTickCount
GetEnvironmentStrings
LoadLibraryW
GetFileType
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
GetLocaleInfoA
lstrlenW
QueryPerformanceCounter
GetCurrentProcessId

gdi32

DeleteObject
GetTextExtentPointA
SelectObject
GetTextMetricsA
GetDeviceCaps
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ