JaffaCakes118_3e6224196f2c7149594556e178f04d6d | Triage

Sharing

General

Target

JaffaCakes118_3e6224196f2c7149594556e178f04d6d
Size

163KB
MD5

3e6224196f2c7149594556e178f04d6d
SHA1

ecf55440f2e5b5fede1b6413e09c0c014f73d451
SHA256

2c6ab805eb699e89d5a7a63831db49524cc86737c69ca5e6cd43f9a39c90b58b
SHA512

fe250be96ee8e61289ef1150845d87aeee1c72ff6ffbd5d80a17f310e395cf67985216a78b98e4e8e5c3a00ccc3a550e3077c6b6cfedf4ee2ab59003769b2315
SSDEEP

3072:I/QC2ONHRPMQB0DdqXzyqzpNiKRc07AXeGlR4C1xDKUhZbCc80m7q3mw:+ZNBHmg5zeKRcBXD4C11KU0+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3e6224196f2c7149594556e178f04d6d

Files

JaffaCakes118_3e6224196f2c7149594556e178f04d6d
.exe windows:4 windows x86 arch:x86

bc7576e591748a1c9b74fa59012bd488

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
GetCalendarInfoA
CreateFileW
GetLocalTime
FlushInstructionCache
GetProcessAffinityMask
EnumResourceNamesA
GetPriorityClass
FindFirstFileW
LockResource
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFilePointerEx
ExitProcess
LoadResource

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

shlwapi

PathRemoveFileSpecW
SHGetValueW
PathAppendW
PathCombineW
PathFileExistsW

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ