JaffaCakes118_aa535764688f0ed048c7ea1c6ef2a6cb | Triage

Sharing

General

Target

JaffaCakes118_aa535764688f0ed048c7ea1c6ef2a6cb
Size

183KB
MD5

aa535764688f0ed048c7ea1c6ef2a6cb
SHA1

35eb24d1e3240f1ffa91840c997eb97a3e705842
SHA256

69d4cff0a2685bad42ec9ea57c2ac4a9f03f1fd8acff789994997b7ec4445a8d
SHA512

623a75012820a473aa1025379856f1f8b8a07f6080334d157840081c73f4b5d3bb70675929f982053921887c10687b6eae43d3d23293dd17ec7793f999e36af2
SSDEEP

3072:yPyKEJRh5WQTQ+3zj5SaOa9x2dPc4V7BHkODYG3e0uibNL0HsTADJR9mfOzS5KS+:iy59Tx3pbOa9wz7uODYL0BNLC/Fnwh+t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_aa535764688f0ed048c7ea1c6ef2a6cb

Files

JaffaCakes118_aa535764688f0ed048c7ea1c6ef2a6cb
.exe windows:4 windows x86 arch:x86

94d59bd5124fcd0fa6a97d7fa39029eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetDeviceCaps
GetTextMetricsA
SelectObject
GetTextExtentPointA
DeleteObject
CreateFontIndirectA

ole32

CoGetMalloc
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc

kernel32

LeaveCriticalSection
lstrlenW
GetCPInfo
HeapSize
SetHandleCount
GetCPInfoExW
RaiseException
DeleteCriticalSection
GetEnvironmentStrings
InterlockedIncrement
UnhandledExceptionFilter
GetStartupInfoA
MultiByteToWideChar
GetACP
GetVersionExA
GetThreadLocale
FreeEnvironmentStringsW
InterlockedExchange
EnumResourceTypesA
TlsSetValue
FreeEnvironmentStringsA
TlsGetValue
WriteFile
WideCharToMultiByte
GetLocaleInfoA
LoadLibraryW
GetTickCount
GetFileType
GetOEMCP
InitializeCriticalSection
GetLastError
GetEnvironmentStringsW
EnterCriticalSection
QueryPerformanceCounter
GetStdHandle
GetCurrentProcessId

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ