JaffaCakes118_69d940b56984523d3a925fed11a815d7 | Triage

Sharing

General

Target

JaffaCakes118_69d940b56984523d3a925fed11a815d7
Size

185KB
MD5

69d940b56984523d3a925fed11a815d7
SHA1

1a50ba4a4c814b38f0044ef22131f549083f22f6
SHA256

6bdca351c24268bcb1f5d4a77110a3a784f7457a14ca10d55193c53c74849495
SHA512

9cb4a4d9ee82cdb57cbc5cfeadd46149b69e1ea237d9085d3271c1a14e5b2ffe68b2322b40a9b84e05dc913084bf181139b770dd694d3700323f8d2b605c872f
SSDEEP

3072:YsTu51gCPP9FJ8Nitr8YDyoM9fXR4tKH9meeeAL26aLxxQAN4KVFLkO9V6:YsTu5r9oNkwz1fXR0kme7AaRlbeKPkOH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_69d940b56984523d3a925fed11a815d7

Files

JaffaCakes118_69d940b56984523d3a925fed11a815d7
.exe windows:4 windows x86 arch:x86

d2f577486f7b280fc5c6368ecdc1bd22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

GetCalendarInfoW
GetFileAttributesW
GetProcAddress
lstrcmpiW
ExitProcess
GetCurrentThreadId
VirtualQuery
SetLastError
GetLastError
GetModuleHandleW
VirtualProtect
GetModuleFileNameW
FreeLibrary
GetModuleHandleA
GetCurrentProcess
EnumResourceNamesA
OutputDebugStringW
lstrlenW
OutputDebugStringA
GetCurrentDirectoryW
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
InterlockedExchange
DuplicateHandle
CreateDirectoryW
LocalAlloc
SetEnvironmentVariableW
SearchPathW
GetProcessId
LocalFree
GetFileInformationByHandle
Sleep

ole32

CoGetDefaultContext
CoTaskMemAlloc
StringFromGUID2
CoUninitialize
CoInitialize
CoTaskMemFree

shlwapi

PathIsUNCW
SHRegGetValueW
StrDupW
PathSkipRootW
PathGetArgsW
PathFindFileNameW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ