JaffaCakes118_57e0ebe1fb48a799fddef850f1b5e332 | Triage

Sharing

General

Target

JaffaCakes118_57e0ebe1fb48a799fddef850f1b5e332
Size

154KB
MD5

57e0ebe1fb48a799fddef850f1b5e332
SHA1

379f0536df5c8c7af67c68998d486847101023e8
SHA256

102110cdaca235a056e98f2291e135823a25bcbe9da6148c51e67d6a07dd7f1f
SHA512

25a365ee1587f5ec2a738c62a07b83dec1acff8a9bde38471eb1f154918e6d7109504eb9f1d1a3a2b366bbcbc6d87bb8a9bf20de7e58df50411efea1cb583358
SSDEEP

3072:K6m0IdyJ0vriWnYMGLtwMyJfAO0/5tuR3fNVHiwzJ/wV1sDGeQA3+r5:K6FjJ0FnY/wMaz0/XuBfN5iwzJJDG0+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_57e0ebe1fb48a799fddef850f1b5e332

Files

JaffaCakes118_57e0ebe1fb48a799fddef850f1b5e332
.exe windows:4 windows x86 arch:x86

f688466d9ef386245720676fff83decf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCPInfo
lstrcpynW
WideCharToMultiByte
GlobalAlloc
GetLastError
CheckRemoteDebuggerPresent
MultiByteToWideChar
DeleteCriticalSection
lstrlenW
lstrcpyW
EnumResourceTypesW
LockResource
GetACP
lstrcpyA
GlobalFree
GetTickCount
FindClose
InitializeCriticalSection
lstrcmpiW
OutputDebugStringW
GetModuleHandleW

user32

DispatchMessageW
CharNextW
SetTimer
KillTimer
TranslateMessage
GetMessageW
GetDC
PostThreadMessageW
GetAncestor
CharUpperW
wsprintfW
UnregisterClassA

winspool.drv

DocumentPropertiesW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ