Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_938060f647b1fcd24a7a807228c9f92f.exe
Resource: win7-20240729-en
General
Target: JaffaCakes118_938060f647b1fcd24a7a807228c9f92f
Size: 205KB
MD5: 938060f647b1fcd24a7a807228c9f92f
SHA1: d9f4d0b347f80b24922bae1777cb79e7276f5d5e
SHA256: c0eff96d090b32f6b6f0ca7ade85b60cea071d75e02348a08ccba8cae8f73d5e
SHA512: 6e1f97585243e7b4abba67b07a6c5e1d5edc8be57b4adcec868e7637b88af971202ffd2fcc3d9e8b1f4e12350f31fb33bf04b7405f047c3f27b29b814334d8e3
SSDEEP: 6144:8aE9xeFTXduDJAie3Ltz1Ljqw9ViCGfWT9Bpm:1Eusa3LtxfqwFg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_938060f647b1fcd24a7a807228c9f92f
Files
JaffaCakes118_938060f647b1fcd24a7a807228c9f92f.exe windows:4 windows x86 arch:x86
87b333eec24990887a2c3ac5f936e078
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
    OleTranslateAccelerator
    CoCreateInstance
    CoTaskMemAlloc
    CoTaskMemFree
    CoTaskMemRealloc
kernel32
    BeginUpdateResourceW
    GetProcessHeap
    GetStringTypeW
    GetFullPathNameW
    GetCommandLineA
    QueryPerformanceCounter
    InterlockedIncrement
    WriteConsoleW
    GetLocaleInfoA
    EnumResourceTypesW
    ExitThread
    GetShortPathNameW
    UnhandledExceptionFilter
    GetFileType
    HeapFree
    GetStartupInfoA
    HeapAlloc
    GetVersionExA
    GetStringTypeA
    GetStdHandle
winmm
    timeGetTime
    timeSetEvent
gdiplus
    GdipCloneImage
Sections
.text Size: 128KB - Virtual size: 127KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 924B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 74KB - Virtual size: 74KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 128KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ