16ea5d7ca783a2654d09ea081dc62132_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16ea5d7ca783a2654d09ea081dc62132_JaffaCakes118
Size

188KB
MD5

16ea5d7ca783a2654d09ea081dc62132
SHA1

ed1f616dfc45bf64d0b432fe54b7a37179698bc6
SHA256

7eaa550d6ba09bd46ce1935f1d3ab0c7522eb8d2d04c04d4fdab9ea57b38f348
SHA512

80a1fd71cc85f924fa95c2b74113cdf860c2bff91759d067f3f0f1cd16d8ca53231ecc0443c149c5f88378195b12085481b64905e4fccde42863450c96ba15ba
SSDEEP

3072:7RNXdx6AoTD1t692Q2cnzeDviGko2tdzFxJE3fQIQXS+Q+:7RMD1E0Q7nz+aJHtd/Af3S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16ea5d7ca783a2654d09ea081dc62132_JaffaCakes118

Files

16ea5d7ca783a2654d09ea081dc62132_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f9252a82b0f10afece09827a4e8f385

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
StgOpenStorage

kernel32

GetShortPathNameW
LoadLibraryA
LocalFree
DeleteCriticalSection
GetProcAddress
GetLastError
SetHandleInformation
InitializeCriticalSection
UnhandledExceptionFilter
EnumResourceTypesW
CreateFileA
IsDebuggerPresent
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentThreadId
CloseHandle
GetModuleHandleA
GetVersionExA

user32

wsprintfA
wsprintfW

msvfw32

ICSendMessage
ICOpen
ICClose
ICDecompress

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ