18c97e6f77aa20787e32a2d5bfdbed72_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18c97e6f77aa20787e32a2d5bfdbed72_JaffaCakes118
Size

121KB
MD5

18c97e6f77aa20787e32a2d5bfdbed72
SHA1

0b5ee9b43b864659ce875428979b9b0da24c31a3
SHA256

58529a9e240453ebebab0958b5bbb12ed0bfea9f4d59911b245722c73e54ae4c
SHA512

980b241541447c21ce314ac85cd09b125f555936161d9c9210fdf50625f4eb90a84151d5ffcfba03634bfd170ddef42201ddf21db5972846ad60e6748fd7e3f9
SSDEEP

3072:UBa5SLL0nGa4t0aoa6eGIXfK57B22JQwC:U85SLwt4CaD6iS5kdx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18c97e6f77aa20787e32a2d5bfdbed72_JaffaCakes118

Files

18c97e6f77aa20787e32a2d5bfdbed72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fab1d81bea7171426caf5458433ebf0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

TerminateThread
GetCurrentProcess
GlobalDeleteAtom
GetCurrentThreadId
EnumResourceNamesA
GetTickCount
GetCurrentProcessId
TerminateProcess
GetSystemTimeAsFileTime
ExitProcess
UnhandledExceptionFilter

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ