1ab7d3a333759676ff41d063cd42051b_JaffaCakes118 | Triage

Sharing

General

Target

1ab7d3a333759676ff41d063cd42051b_JaffaCakes118
Size

179KB
MD5

1ab7d3a333759676ff41d063cd42051b
SHA1

614a4a47a07dd4c72f0b38f1e021236cbce6a96e
SHA256

1f5fc3b9e208b760dde1e0927ef9f8e3bcbb50ff43ec12d5718e96aca8d4321c
SHA512

a9d6058457e8c5f2d34b3ca4cc9cdec44efcbf08174074be3d2d2f8d8b5a6a666abb11e6b0a9f352fd1cba013bfc324b865d3125e17fa88a53b3a49766287d5d
SSDEEP

3072:TlNAKPfBJ5EITVe9Yomi0/jsOKG1atpykCy7Kid1ZmMcry/0m4DMWAmqqIZwHY85:xNAKljVe9YxCVeqKyVd1UvTomK+HYYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ab7d3a333759676ff41d063cd42051b_JaffaCakes118

Files

1ab7d3a333759676ff41d063cd42051b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94ac5d008d29761a3b44e7182d70f4a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetOEMCP
HeapAlloc
GetStringTypeW
WriteFile
RtlUnwind
InterlockedExchange
LCMapStringW
EnumResourceTypesA
LCMapStringA
GetCurrentProcess
IsDebuggerPresent
LoadLibraryA
FindFirstVolumeMountPointA
VirtualAlloc
GetACP
SetUnhandledExceptionFilter
GetCPInfo
GetLocaleInfoA

msimg32

TransparentBlt

oleacc

GetOleaccVersionInfo
AccessibleObjectFromEvent

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ