JaffaCakes118_3499252c1c101b70e8919d979c85def8 | Triage

Resubmissions

14-01-2025 03:30

250114-d2pe3avrds 10

14-01-2025 03:26

250114-dznqraxqcp 10

Sharing

General

Target

JaffaCakes118_3499252c1c101b70e8919d979c85def8
Size

180KB
MD5

3499252c1c101b70e8919d979c85def8
SHA1

be592b22639c963569a6057f99021c13ffd86907
SHA256

adbc69392f2228409823e74c54b07934ecd893b482e7cec9d6ef126ea9e7046f
SHA512

7a70b47b788cf39b8a1549525733b70e486e76d8e7b6e1fce4ffbccaad8f24d5a377c92a006aec51e9da2142c84034ef039e3e937d73e1502d3d7be2831c4d4c
SSDEEP

3072:NjUgWSg0pLFZc2JXbMpCOZNfWcDXm4kn1mt7/r3yyDe3pVRF3siM7NtUGaEBOvQH:NjUqg0pLjcIXmtNfbX9t7/r3GaiYqY4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3499252c1c101b70e8919d979c85def8

Files

JaffaCakes118_3499252c1c101b70e8919d979c85def8
.exe windows:4 windows x86 arch:x86

11c3ba22d58b54cda72ed20d02a371c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
SetFirmwareEnvironmentVariableW
EnterCriticalSection
DeleteCriticalSection
GetProcAddress
LeaveCriticalSection
GetModuleHandleA
LoadLibraryA
SetStdHandle
EnumResourceTypesA
InitializeCriticalSection
LCMapStringW
LocalAlloc
GetShortPathNameA
GetLastError
GetSystemInfo
LocalFree
GetStringTypeA

gdiplus

GdipCloneImage

ole32

OleSave
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ