JaffaCakes118_7656f3c27387917026b4b6faa424be4b | Triage

Sharing

General

Target

JaffaCakes118_7656f3c27387917026b4b6faa424be4b
Size

182KB
MD5

7656f3c27387917026b4b6faa424be4b
SHA1

a5581d13c6c76f7e57373d45960d93d8d14e86c4
SHA256

5b3462bea319a6caff97418313eb9852d276ca419330ac07ec5421fd0c06ca0c
SHA512

95013eee1c570682ad188ee62bc41c78d74a5475440b7e3f5fabb55ff9bf2b6a7ba26e36f8b83a1504c3b87afa92e22ab7d589116ce197094cb6489bb007ba65
SSDEEP

3072:MlFKJnKOSSMpeTGpPFygYK95MsVk1JQ0GiP/SPx42el+LA51/3oE:kFqnkJNMYVunPK62RuBoE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7656f3c27387917026b4b6faa424be4b

Files

JaffaCakes118_7656f3c27387917026b4b6faa424be4b
.exe windows:4 windows x86 arch:x86

5ad108e08487e0ebefa183107baddca2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPointA
GetTextMetricsA
SelectObject
GetDeviceCaps
DeleteObject
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

msimg32

AlphaBlend
TransparentBlt

kernel32

InterlockedIncrement
RaiseException
GetThreadLocale
GetVersionExA
GetLocaleInfoA
GetCPInfoExA
GetACP
InitializeCriticalSection
InterlockedExchange
GetCPInfo
GetTickCount
TlsGetValue
EnterCriticalSection
GetEnvironmentStrings
GetStartupInfoA
EnumResourceTypesA
GetEnvironmentStringsW
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetStdHandle
UnhandledExceptionFilter
TlsSetValue
lstrlenW
GetOEMCP
GetFileType
LeaveCriticalSection
LoadLibraryW
SetHandleCount
QueryPerformanceCounter
GetLastError
FreeEnvironmentStringsA
WideCharToMultiByte
DeleteCriticalSection
WriteFile
GetCurrentProcessId

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ