Static task
static1
Behavioral task
behavioral1
Sample
21a320cb67d94e65e20e0dc7f003ad0b_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
21a320cb67d94e65e20e0dc7f003ad0b_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
21a320cb67d94e65e20e0dc7f003ad0b_JaffaCakes118
Size
183KB
MD5
21a320cb67d94e65e20e0dc7f003ad0b
SHA1
8a01a617194974f649f1b80b510b9856937167e6
SHA256
120e2fb24f92eca7cd9a8c1a6409c2ea96589b29bf7c40ede5bdd2609516d226
SHA512
016c6e4a9a7120c04648bc88b1c5bbe9e187559bf5acffb3523420ba016f1cddbf5050231a5ca0658b0f1927eb93e0a10d81111f478b1f54a3f082413eb21044
SSDEEP
3072:QfPPBYJwPxUeI/wGHU87J/vLtHbBZN1VKIuRwU/EE1oT8JDFe1ZtQHMBm0gefTZX:Qf3+JH0uv5MIuR7E2oT8xoZtgM9fTZOz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 21a320cb67d94e65e20e0dc7f003ad0b_JaffaCakes118
Files
21a320cb67d94e65e20e0dc7f003ad0b_JaffaCakes118.exe windows:4 windows x86 arch:x86
78a4aade045a1c52d37f48478bb0584c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
kernel32
VirtualQueryEx
lstrlenA
WideCharToMultiByte
RaiseException
EnumResourceNamesA
CreateProcessA
LocalAlloc
GetSystemTimeAsFileTime
GetCPInfoExA
MultiByteToWideChar
InterlockedExchange
advapi32
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
ole32
StringFromIID
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
shell32
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
Sections
.text Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ