104c185f1c192e47328dde8cd3395a49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

104c185f1c192e47328dde8cd3395a49_JaffaCakes118
Size

168KB
MD5

104c185f1c192e47328dde8cd3395a49
SHA1

db2e0ffe53c5401987effeb02fab3441ba33508a
SHA256

cd2f7abfebcc79a2852ef050beb4be75bca2a5a3ed5be5766ae03864bee56084
SHA512

aaf270d03f73cfcb122c46c00b059c3f63220640eeb5df18baa69fba5c4da7792000cce7243ceac75cd9bbab329d1ae17a3dafa40c80314ce7028c906e29dc5d
SSDEEP

3072:PChM57D/Rv7jt/BwYFwty1QHE9O45gArO2QPXj469vhdURz82Kgdi:+M57rdt/qYWtteVRafj1vLU/Vdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
104c185f1c192e47328dde8cd3395a49_JaffaCakes118

Files

104c185f1c192e47328dde8cd3395a49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89537f559efaa40c31c5329dc73f8ff1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
StringFromGUID2
StringFromCLSID

shlwapi

PathCombineW
PathFileExistsW

user32

PostThreadMessageW
DispatchMessageW
GetMessageW
SendMessageA
TranslateMessage
GetDC
CharUpperW
CharNextW
KillTimer
SetTimer
wsprintfW
UnregisterClassA

kernel32

GlobalAlloc
FindClose
lstrcpyA
lstrcpyA
GetProcessAffinityMask
GetCPInfo
MultiByteToWideChar
GetTickCount
EnumResourceNamesW
LockResource
GlobalFree
lstrlenW
lstrcpyW
lstrcmpiW
FreeEnvironmentStringsW
GetACP
OutputDebugStringW
WideCharToMultiByte
GetLastError
InitializeCriticalSection
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ