JaffaCakes118_d717428917573b34176449ecfac5fa48 | Triage

Sharing

General

Target

JaffaCakes118_d717428917573b34176449ecfac5fa48
Size

165KB
MD5

d717428917573b34176449ecfac5fa48
SHA1

6dc70044fa382b020164ff48d108802dff392d3e
SHA256

4ba95af6f21c78d45c215f52a2230178b211f5e6a6f48cabd0b7dbd6538fc9f5
SHA512

cb572fc23f951f4c4f9d7f3af6d6ffe2289a58b2a0d56c858b80e538089f56bd14c87544fb44195b736bc797c4bedd8f14dd799b3c7e57d76eeaf1d7e52b2a59
SSDEEP

3072:rTcFSWQshxW64vlwJ3qbJLfp3Poi2R0pVCiWoon/0dCVKn9t7/E+8ym13jqM:rTcTQ6xEk+lgiCPozDE+8Z13WM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_d717428917573b34176449ecfac5fa48

Files

JaffaCakes118_d717428917573b34176449ecfac5fa48
.exe windows:4 windows x86 arch:x86

4a955f645087b2e39fa4818ccf557af8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

GetExitCodeProcess
CreateDirectoryW
GetVersionExA
WriteConsoleW
GetConsoleMode
UnmapViewOfFile
GetCalendarInfoA
TlsAlloc
GetEnvironmentVariableW
GetProcessHeap
MapViewOfFile
CreateFileMappingA
HeapAlloc
GetVersionExW
CreateProcessW
InterlockedIncrement
EnumResourceNamesA
HeapFree
GetProcAddress
ExitProcess
CreateFileA
CreateThread
CreateFileW
TlsSetValue
FlushFileBuffers
TlsGetValue
GetModuleHandleW
SetEvent
TlsFree
FindFirstFileW
GetTempPathW
MoveFileExW
WaitForSingleObject
LoadLibraryExW
SetLastError
GetConsoleCP
GetModuleHandleA
GetLastError

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ