JaffaCakes118_0b0993a5e841e323bd411033733b1aa5 | Triage

Sharing

General

Target

JaffaCakes118_0b0993a5e841e323bd411033733b1aa5
Size

169KB
MD5

0b0993a5e841e323bd411033733b1aa5
SHA1

f73c29322d8ab5674dfc4b8fb088963fd5837b27
SHA256

69dacf3eed77673675322108c043f74a6ff39150d7d6df18f449c000dab95ac4
SHA512

ae894a1ebad8b8d4e1198819096a584dde3e81b4c5e04737300da3cf7513131476eb37009f9c5fab07e58e6de3b00582b863d2662529967aeb1d3f0d1e70dd20
SSDEEP

3072:wD0f7eo/zMJ9NNx0m41Ps3JiKwRvic9a:wojemMJ9NNGf14ifNz9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0b0993a5e841e323bd411033733b1aa5

Files

JaffaCakes118_0b0993a5e841e323bd411033733b1aa5
.exe windows:4 windows x86 arch:x86

cb9118eb48d600e74552feef5cec05a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoGetDefaultContext
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree

kernel32

MultiByteToWideChar
GetLastError
GetModuleFileNameW
GetCurrentDirectoryW
GetModuleHandleA
GetCalendarInfoW
ExitProcess
SetLastError
VirtualQuery
GetFileAttributesW
SetEnvironmentVariableW
FreeLibrary
WideCharToMultiByte
LocalAlloc
GetCurrentThreadId
GetFileInformationByHandle
lstrlenW
GetProcessId
DuplicateHandle
EnumResourceNamesA
InterlockedExchange
GetCurrentProcess
CreateDirectoryW
LocalFree
InitializeCriticalSection
SearchPathW
GetModuleHandleW
OutputDebugStringA
VirtualProtect
lstrcmpiW
GetProcAddress
OutputDebugStringW
Sleep

shlwapi

StrDupW
PathIsUNCW
SHRegGetValueW
PathSkipRootW
PathGetArgsW
PathFindFileNameW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ