JaffaCakes118_4c33848046af504e427a5cbf823d3e02 | Triage

Sharing

General

Target

JaffaCakes118_4c33848046af504e427a5cbf823d3e02
Size

203KB
MD5

4c33848046af504e427a5cbf823d3e02
SHA1

b90f7f6f1a1bd3253b9fa5c5aeb34cc8a4fbd382
SHA256

d78cfa576e147fe9b50e4d32f6b5a42d3819d3dfa14956e8d2a3b91baeda6a99
SHA512

03fc830c48dba3b2d2b43fdb94b8612c78d24971660dee803685451767b70b96992e6e0bc8cc63714be7a8cf64ecd549a28e2588d8a462dc0a6a657569362f69
SSDEEP

6144:wZqqYqsv7BqPKxO40yQU7v8lVZFs+T/cxi:wZgplqPKsSQsv8lNs+Ti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4c33848046af504e427a5cbf823d3e02

Files

JaffaCakes118_4c33848046af504e427a5cbf823d3e02
.exe windows:4 windows x86 arch:x86

d52eff15c084427e3acf848f23d20b87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

kernel32

GetCalendarInfoA
GlobalFree
FindNextFileA
_lread
LocalFree
GetCurrentDirectoryW
LoadResource
_llseek
GetProcessHeap
Sleep
HeapAlloc
SizeofResource
FindFirstFileW
EnumResourceNamesA
RaiseException
MultiByteToWideChar
_lwrite
SetLastError
GetModuleHandleW
LockResource
GetCommandLineW
FindFirstFileW
HeapFree
FormatMessageW
FindFirstFileA
_lclose

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ