JaffaCakes118_207e60f5944a922ef350cd10b87f3d90 | Triage

Sharing

General

Target

JaffaCakes118_207e60f5944a922ef350cd10b87f3d90
Size

169KB
MD5

207e60f5944a922ef350cd10b87f3d90
SHA1

84b0aec2d8c4a5ac5b689f5b92acefdeae15806e
SHA256

1b4105e70d8bb88355d157cd890326fdc68cde839ced3d32d935789a5ce49c92
SHA512

690c06a2e28e20b2a63c65bbb47c9be0714863134ec93db324e845e45d44f2c4b29273502fdb0d9519f27d03f6df59c2e5d451cdc9f714000e834ab0471d00cd
SSDEEP

3072:CC7hr8gmFmfETEHFJXeJAWh5GZsiGbkEjJ1++t5/a12eehGDtOMw:CO4gemfFJXE5GZu4EVY+H/aoGDt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_207e60f5944a922ef350cd10b87f3d90

Files

JaffaCakes118_207e60f5944a922ef350cd10b87f3d90
.exe windows:4 windows x86 arch:x86

fa780b084a3c0bd226618ed93199a1a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc

gdi32

SelectObject
GetTextExtentPointA
GetTextMetricsA
DeleteObject
GetDeviceCaps
CreateFontIndirectA

kernel32

GetCPInfoExW
GetThreadLocale
WideCharToMultiByte
DeleteCriticalSection
WriteFile
GetLastError
GetCPInfo
GetStdHandle
FreeEnvironmentStringsW
GetOEMCP
lstrlenW
LeaveCriticalSection
UnhandledExceptionFilter
SetHandleCount
QueryPerformanceCounter
GetACP
EnterCriticalSection
InterlockedExchange
EnumResourceTypesA
GetEnvironmentStrings
RaiseException
GetVersionExA
InitializeCriticalSection
GetEnvironmentStringsW
TlsGetValue
GetStartupInfoA
GetFileType
GetTickCount
GetCommandLineW
MultiByteToWideChar
HeapSize
InterlockedIncrement
GetLocaleInfoA
FreeEnvironmentStringsA
TlsSetValue
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ