0d89bdc120b4af875914af42d627f83f_JaffaCakes118 | Triage

Sharing

General

Target

0d89bdc120b4af875914af42d627f83f_JaffaCakes118
Size

160KB
MD5

0d89bdc120b4af875914af42d627f83f
SHA1

22959ac2f4674b2e7a5fcde1582b9daeaba2f595
SHA256

8b59d747ad9b7d879038ecc72cf17a2f99fcc45e5c4659de51806137a34c78fc
SHA512

960717a9971627150e36f8748a49b186f0123339fb01b07006a92aaba70b5aeec05f2bfbd94096515802e6b5c6736a7e867e151cb1b67a8413592ab368d78fe2
SSDEEP

3072:uW7f59LoQhroGFV3L+AcyXmaNbqBXif3hOLA/YOP1hMMETBsqzToMR:fV9NhroGFtLdNT8if+3OP1CJB3T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d89bdc120b4af875914af42d627f83f_JaffaCakes118

Files

0d89bdc120b4af875914af42d627f83f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d8ffd6fcb6d4ef62cbb3276f81fab92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

HeapFree
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
HeapAlloc
GetCurrentProcessId
Sleep
lstrlenA
UnhandledExceptionFilter
HeapFree
IsDebuggerPresent
GetLocaleInfoA
SystemTimeToFileTime
CloseHandle
GetTickCount
LoadLibraryExW
GetEnvironmentVariableA
InterlockedExchange
GetStartupInfoA
LocalAlloc
GetProcessHeap
CreateFileW
lstrlenW
HeapSize
EnumResourceTypesW
InterlockedCompareExchange
TerminateProcess
HeapReAlloc
GetCurrentProcess
CompareFileTime
HeapDestroy
LoadLibraryW
GetStdHandle
GetCurrentThreadId
CreateProcessA
GetACP
GetThreadLocale
WideCharToMultiByte
MultiByteToWideChar
GetSystemTime
WriteFile
RaiseException
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ