Static task
static1
General
Target
JaffaCakes118_9d275eac79a094b348c4f00af94cc66b
Size
180KB
MD5
9d275eac79a094b348c4f00af94cc66b
SHA1
a422ee1c31ecaed0c5ca4c6cf08d7d8e42858f40
SHA256
688029de162c63ab0f1ea5cf5a0ecbb3bb53f5ea84949113568075a069c56c12
SHA512
1ca5cbd50394e1f0d5c07d69f285f9e346ed8c9f6ed24b6c6dcf5a00083684e39d3bc65b1cd9e745e7e6c9cadea58d6f6579bc9b2ae9ab150799f2378611ae7a
SSDEEP
3072:Bq9uNvM3aBiI7Jq1jMpEiypVNA5rqaOoqHW5dDA3hj6wdfMOT3MMJSFVWwmW7agG:8INvM3aMss18EiyPNonqHKA3b5T3cFVt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_9d275eac79a094b348c4f00af94cc66b
Files
JaffaCakes118_9d275eac79a094b348c4f00af94cc66b.exe windows:4 windows x86 arch:x86
4ee427dcdec580f9d666955cb2785ca3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSave
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
wininet
InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle
gdiplus
GdipCloneImage
winmm
timeGetTime
timeSetEvent
kernel32
SetFirmwareEnvironmentVariableW
LocalFree
LCMapStringA
LCMapStringW
GetSystemInfo
LeaveCriticalSection
GetProcAddress
DeleteCriticalSection
GetLastError
InitializeCriticalSection
EnumResourceTypesA
LocalAlloc
GetShortPathNameA
SetStdHandle
GetModuleHandleA
LoadLibraryA
EnterCriticalSection
GetStringTypeA
Sections
.text Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ