51616c120d664998e3b5a1b5bc361bb6_JaffaCakes118 | Triage

Sharing

General

Target

51616c120d664998e3b5a1b5bc361bb6_JaffaCakes118
Size

601KB
MD5

51616c120d664998e3b5a1b5bc361bb6
SHA1

ad1f4e7d20db72e1e27024fa1f6911fe1cb2ac21
SHA256

2fdb8be3c2335dc55ad868f08845254b727d902c0a31f479ef3eb87e88262d20
SHA512

18a84d83052de115fc4eb44450b45ecae07bd45350d8c2a1ce63f54e3ed891dc4da5cac0db2f33844cc127fac3403066400cbbc38ca2d3561d668ce47e8048ff
SSDEEP

12288:LbAtp5fFHFGd1ylh3kdbAG3UGVPs/FjpWrDt4CVkX2INKpA+OpjKd6S/5GxyE0xj:ozjH0d8P3SX3/Gtk54C2XQoqMxyEE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51616c120d664998e3b5a1b5bc361bb6_JaffaCakes118

Files

51616c120d664998e3b5a1b5bc361bb6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37f4f7a4794d733de6ba1a8befb3aae6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

crtdll

memset

user32

wsprintfA

gdi32

CreatePatternBrush

comctl32

InitCommonControls

oleaut32

OleLoadPicture

ole32

CoInitialize

shell32

ShellExecuteExA

imagehlp

MakeSureDirectoryPathExists

Sections

.text
Size: 594KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE