0f5553bcb550b28ce5e5a8a11c82d9ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f5553bcb550b28ce5e5a8a11c82d9ee_JaffaCakes118
Size

121KB
MD5

0f5553bcb550b28ce5e5a8a11c82d9ee
SHA1

51ecf17d815337dccd49cc9a1941c3c7c45e4b8e
SHA256

8e97346d37b25bdbe731056697b5d46c1fe2b9f18f53b67d6540d7c623edb14e
SHA512

56504ce060aab68fc3e8d741784b724a6eb90d5bfd34a52b8549106c2541427d08e49fdd3f4a06d9f75e37b8fd115392812d8327d36381c881f20ddc9eb4cbe9
SSDEEP

3072:IJEq+uW1zJK4q/P1SauRlUy4pP/AGqCGBgC+8tTScQ:LqFMJ8IayZ4d4G9w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f5553bcb550b28ce5e5a8a11c82d9ee_JaffaCakes118

Files

0f5553bcb550b28ce5e5a8a11c82d9ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

262f0cfbb2306529b1e1004428daa6fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantChangeType
SysAllocStringLen
RegisterTypeLib
OleLoadPicture
VariantCopyInd
SafeArrayCreate
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayPtrOfIndex

kernel32

GetModuleHandleA
SetEndOfFile
GetACP
LoadLibraryA
GetCommandLineW
MoveFileExA
GetCurrentProcess
GlobalAlloc
ExitProcess
ExitThread
GetProcAddress
GetCommandLineA
SizeofResource
VirtualAllocEx
LoadLibraryExA
GetLastError
FreeResource
FindClose
VirtualAlloc

user32

IsWindowUnicode
GetCursor
SetClipboardData
DefFrameProcA
IsChild
DrawFrameControl
SetForegroundWindow

advapi32

RegDeleteKeyA
RegLoadKeyA

ole32

OleRegGetUserType
CLSIDFromString
CoGetContextToken
CreateBindCtx
CoRegisterClassObject
PropVariantClear
CoCreateFreeThreadedMarshaler
OleRun

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ