JaffaCakes118_4584946f6c79fa7a88d6d95c2827bc5d | Triage

Sharing

General

Target

JaffaCakes118_4584946f6c79fa7a88d6d95c2827bc5d
Size

187KB
MD5

4584946f6c79fa7a88d6d95c2827bc5d
SHA1

451fb1780c04795c500ca900c4a8561a13cce146
SHA256

10e6f0ad4c7f87200ead9c1eb16ebe6cca7e8e278ab77bc77cbdc8b924f9c77d
SHA512

275cfbcd8f21180893f8199b16b715e8685e9dad5210aa5ce4458c4e6f33cc655710ea2bf482b9c4c409db021560a39f69eb185df47684afb71b4947a980c174
SSDEEP

3072:OTfVmkNBlow86CMhI+/4vw9ciJjW342hm4+2J/sNg0cipUtcSi0xBMdP:O5msLow86CMKiIIGPDyNPciBwBMF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4584946f6c79fa7a88d6d95c2827bc5d

Files

JaffaCakes118_4584946f6c79fa7a88d6d95c2827bc5d
.exe windows:4 windows x86 arch:x86

c64e1d0eec7263187b3ba72e2ca4f3e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

kernel32

IsDBCSLeadByte
GetCurrentThread
InterlockedDecrement
FindResourceA
QueryMemoryResourceNotification
WaitForSingleObject
EnterCriticalSection
GetModuleFileNameA
LoadLibraryA
TerminateThread
GetComputerNameA
lstrcatA
GetCurrentThreadId
lstrcpyA
CreateThread
EnumResourceTypesW
SetEvent
CreateEventA
InterlockedIncrement
GetPrivateProfileStringA
LoadResource
GetFileAttributesA
LocalFree
FormatMessageA
LeaveCriticalSection
GetCurrentProcess
lstrcpynA
SizeofResource
GetModuleHandleA
HeapAlloc

ole32

CoMarshalHresult
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ