Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_33cea2d34c90582aa2d17a507d1763b6.exe
Resource
win7-20241010-en
General
Target
JaffaCakes118_33cea2d34c90582aa2d17a507d1763b6
Size
190KB
MD5
33cea2d34c90582aa2d17a507d1763b6
SHA1
11dc05f177e7b6c25d55732046d0a12a00f2049f
SHA256
2e278d2c58f5b936e7f1e374ad337a061720db6a2d588c0b4fca39da30a9780e
SHA512
154df078026139281a73750021ba925855c18f1b342e67c93d98ffb16b5b3d810ddeda216ea92b51815875e55c125e4ef695799691e5a3bfa69003a82cebd9a0
SSDEEP
3072:n2ZobCi7R0ibuFxJa5UxOFrj6oWX1ybmX4aeMAjcBVy4MCzEe9fknDzX23BiArTG:2Z4110SAJa5UxmrGoWBXV2jul+/X23Bh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_33cea2d34c90582aa2d17a507d1763b6
Files
JaffaCakes118_33cea2d34c90582aa2d17a507d1763b6.exe windows:4 windows x86 arch:x86
9cd7383a6fe9d9a59903fc950ddcf65e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeGetTime
timeSetEvent
kernel32
InterlockedIncrement
BeginUpdateResourceW
WriteConsoleW
GetVersionExA
GetFileType
GetFullPathNameW
HeapAlloc
GetLocaleInfoA
ExitThread
EnumResourceTypesW
GetStringTypeW
QueryPerformanceCounter
GetShortPathNameW
GetCommandLineA
GetStartupInfoA
HeapFree
UnhandledExceptionFilter
GetStringTypeA
GetProcessHeap
GetStdHandle
ole32
OleTranslateAccelerator
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
gdiplus
GdipCloneImage
Sections
.text Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 376KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ