0db0851fd689596e58654a01968e97fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0db0851fd689596e58654a01968e97fa_JaffaCakes118
Size

154KB
MD5

0db0851fd689596e58654a01968e97fa
SHA1

c4a4b95e808da0abd3d1d45586734302a4a1891e
SHA256

d569ddd8cb65212127a0266a440c002a164d8df2a402ceab7ab7defe2c3f1f7b
SHA512

d8bd2255b3460993f673832c6d489499a8d6d603f0c9719863b9f2f6ff9c2a7909fed9d2ce837f33b15043a167289c65f6844152fe745a1818108a194525ec20
SSDEEP

3072:lYlmia+dv9yJHmv3NU2ObY4EVaqQUgJPClmRTmcozwtT0NJnOKrNhMc:Wlxlyu3y2ORUllmxmc6SYvOeNSc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0db0851fd689596e58654a01968e97fa_JaffaCakes118

Files

0db0851fd689596e58654a01968e97fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74412b43f23fb438372d938aca49837b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SendMessageA
CharNextW
PostThreadMessageW
CharUpperW
KillTimer
SetTimer
wsprintfW
GetDC
TranslateMessage
DispatchMessageW
GetMessageW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

kernel32

GlobalFree
lstrcpyA
InitializeCriticalSection
lstrcpyA
GetLastError
GetProcessAffinityMask
LockResource
GlobalAlloc
EnumResourceNamesW
GetCPInfo
FindClose
GetTickCount
lstrlenW
lstrcmpiW
FreeEnvironmentStringsW
MultiByteToWideChar
lstrcpyW
WideCharToMultiByte
OutputDebugStringW
GetACP
GetModuleHandleW

ole32

CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
CoUninitialize
StringFromGUID2
CoCreateInstance
CoInitialize
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ