JaffaCakes118_6d067b3dca524db72ee007e2ba6de8ee | Triage

Sharing

General

Target

JaffaCakes118_6d067b3dca524db72ee007e2ba6de8ee
Size

177KB
MD5

6d067b3dca524db72ee007e2ba6de8ee
SHA1

60ddfe6a62b38490780543975f27d8dbf34347bb
SHA256

c86754080341471175b6205e1162f35f1ca02acaf9f487ccc50b3db7f682d22d
SHA512

e74c5a6549c088a8e1746a7e77fe30eaac0ae0b5ae10da5158d7bff1911561cbdf6281c119b64f3d4dd076a317a727fde674f7057cf85732b3f8f9ca37216b17
SSDEEP

3072:qefcNcgE1c8zKX1xRJCPz+Y2yfoP+z9/kpzFOtGSeaA14W6cqavKkn2Vrq:KGr6rlP8PztwPnctGS814PBayv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6d067b3dca524db72ee007e2ba6de8ee

Files

JaffaCakes118_6d067b3dca524db72ee007e2ba6de8ee
.exe windows:4 windows x86 arch:x86

a940e41b4a3b4ddb1c679507c417010c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

kernel32

SetHandleCount
GetStartupInfoA
GetCPInfoExW
GetCPInfo
lstrlenW
InterlockedIncrement
MultiByteToWideChar
GetFileType
WideCharToMultiByte
UnhandledExceptionFilter
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
FreeEnvironmentStringsW
TlsSetValue
EnterCriticalSection
GetACP
GetEnvironmentStrings
EnumResourceTypesA
HeapSize
InterlockedExchange
InitializeCriticalSection
WriteFile
QueryPerformanceCounter
GetStdHandle
RaiseException
LoadLibraryW
GetTickCount
LeaveCriticalSection
GetLastError
GetThreadLocale
TlsGetValue
GetVersionExA
GetOEMCP
GetCurrentProcessId

gdi32

GetTextExtentPointA
SelectObject
DeleteObject
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ