004507f3ec748daaec5ffd6ca7e6d794_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

004507f3ec748daaec5ffd6ca7e6d794_JaffaCakes118
Size

174KB
MD5

004507f3ec748daaec5ffd6ca7e6d794
SHA1

5b3187d29b62001f3365c76ba7297202e8c9d81f
SHA256

54ff015ebf68d52964065852eafbc51ff5fd32ae839cd7ac5364d6e4addd4720
SHA512

f2505cf436223a78315c6fa029788e6c3422996e955df363c364d702868dce9b5b562ecbbae5e46cba2fad7c38eb0dec0352ea6419014040510b84bf3e8fb0bf
SSDEEP

3072:URCnVGeocbdS6gfrDUuwnWtK7y1FoVpNrOyIXRT8jnSFaEiUfLT/N5ERGWyOB:UsVGixSjrDAnWI7y12TNrOyIXxIStl5p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
004507f3ec748daaec5ffd6ca7e6d794_JaffaCakes118

Files

004507f3ec748daaec5ffd6ca7e6d794_JaffaCakes118
.exe windows:4 windows x86 arch:x86

073a209bf092f759835f192b97f4ce5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

InterlockedExchange
HeapFree
HeapReAlloc
HeapFree
SetUnhandledExceptionFilter
CreateFileW
GetStartupInfoA
GetSystemTime
LoadLibraryW
CreateProcessA
SystemTimeToFileTime
LoadLibraryExW
CloseHandle
UnhandledExceptionFilter
HeapAlloc
GetCurrentProcess
LocalAlloc
GetModuleHandleA
GetStdHandle
GetLocaleInfoA
InterlockedCompareExchange
lstrlenW
GetThreadLocale
EnumResourceTypesW
QueryPerformanceCounter
GetEnvironmentVariableA
CompareFileTime
GetCurrentProcessId
WriteFile
WideCharToMultiByte
lstrlenA
GetProcessHeap
GetSystemTimeAsFileTime
IsDebuggerPresent
GetACP
MultiByteToWideChar
HeapSize
TerminateProcess
GetCurrentThreadId
HeapDestroy
GetTickCount
Sleep
RaiseException
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ