0365a662fdf402ee77214f12daa6bd03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0365a662fdf402ee77214f12daa6bd03_JaffaCakes118
Size

155KB
MD5

0365a662fdf402ee77214f12daa6bd03
SHA1

1e8918e21b31474473340d556efeee95c2e55eea
SHA256

4aab99d83defe5c8bc84ff3fdbeaa076207aed4c3a8e5f5d78efd4581d557f58
SHA512

28c4a330018a80fc5b195353285a25c4d43396c4c9f71077fcea92518359db23b805fbeb8951332986bb87e3fb21fbfb147f1b3ac777230ee23c018f4639d4be
SSDEEP

3072:NuxLzo3MO+F6ZB9g2k9E0KgAgBrf2Noj6NkfEVEZ/iw9GyMjkVr5At:Ixf4346ZBjbhBgBD2Noub8/FpMjkV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0365a662fdf402ee77214f12daa6bd03_JaffaCakes118

Files

0365a662fdf402ee77214f12daa6bd03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

439a6ec4ff84b7211369f829c3b04edf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW

kernel32

GetShortPathNameA
ExpandEnvironmentStringsW
GetCurrentThread
LZCopy
CreateProcessW
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW

oleaut32

OleLoadPictureEx
GetRecordInfoFromTypeInfo
VarI4FromDec
SysFreeString

Sections

.text
Size: 113KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ