JaffaCakes118_e2bec97e8aa75ea569352756f99c339f | Triage

Sharing

General

Target

JaffaCakes118_e2bec97e8aa75ea569352756f99c339f
Size

188KB
MD5

e2bec97e8aa75ea569352756f99c339f
SHA1

a44c2b430a9243f023067869318c242606d3b71a
SHA256

4de918adce319e1593def16c36e696f0653fe0a9c9079da72aaa6e38eb019284
SHA512

2ab57e0cda70f8d03984176e64dfb359bf762d8cb8f0cea2bcf2827ef648e3806ed20e09df19c0ecbed01e61c9a5d21f9a564bec36603fcfcb9f16c7ed1fbd72
SSDEEP

3072:JQJL5ddwYprtRMUmp9H7f/RacuCTWRuORRZtcFO+O1Jyk7Iz+trbUsgn:JAFddwcDr2H7BGKiZtc4+O1AYIz+gsg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e2bec97e8aa75ea569352756f99c339f

Files

JaffaCakes118_e2bec97e8aa75ea569352756f99c339f
.exe windows:4 windows x86 arch:x86

2f0f8dee55fe6b3db77fc4e491088100

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
VirtualProtect
GetCurrentDirectoryW
GetProcessId
lstrlenW
GetCalendarInfoW
InterlockedExchange
OutputDebugStringW
GetCurrentProcess
DuplicateHandle
OutputDebugStringA
ExitProcess
CreateDirectoryW
SetLastError
GetModuleFileNameW
VirtualQuery
LocalFree
WideCharToMultiByte
EnumResourceNamesA
MultiByteToWideChar
InitializeCriticalSection
GetModuleHandleW
GetProcAddress
GetLastError
FreeLibrary
SetEnvironmentVariableW
lstrcmpiW
GetModuleHandleA
GetFileInformationByHandle
SearchPathW
GetCurrentThreadId
LocalAlloc
Sleep

ole32

CoGetDefaultContext
CoUninitialize
CoTaskMemAlloc
CoInitialize
StringFromGUID2
CoTaskMemFree

shlwapi

PathIsUNCW
PathSkipRootW
PathGetArgsW
SHRegGetValueW
StrDupW
PathFindFileNameW

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ