236f85c461f76168dc7ea1d810f6be34_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

236f85c461f76168dc7ea1d810f6be34_JaffaCakes118
Size

168KB
MD5

236f85c461f76168dc7ea1d810f6be34
SHA1

f8239cde5146623da22be38ba79839d1fae27ef9
SHA256

2f16fe29a913ac2c8bbe72f7612842637411ab36b99cbcc45276d2cbad504095
SHA512

baef3f335fed370cbce479e6e1a8d9b04f2cd9d5bf0253008fcbf7749f43c3e7ae60ccc405e87ebfff9e3d7f77505e14f16e25955e1f98ef07748b1a46f2ddca
SSDEEP

3072:wdfnEY9NEn4E9d6BHF+dAOhWH/le3apFiBW0HPU3MIGbHXISG:sf984E3ysSOyle3aFF0s3AHXIS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
236f85c461f76168dc7ea1d810f6be34_JaffaCakes118

Files

236f85c461f76168dc7ea1d810f6be34_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dde82f08e0b973277da290365d4b39ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathCombineW
PathFileExistsW

user32

TranslateMessage
GetMessageW
SendMessageA
GetDC
KillTimer
CharUpperW
CharNextW
DispatchMessageW
wsprintfW
PostThreadMessageW
SetTimer
UnregisterClassA

ole32

StringFromGUID2
CoRegisterClassObject
CoTaskMemFree
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
StringFromCLSID

kernel32

GlobalFree
lstrcpyA
MultiByteToWideChar
lstrcpyW
LockResource
lstrcpyA
GetProcessAffinityMask
lstrlenW
EnumResourceNamesW
GlobalAlloc
lstrcmpiW
GetLastError
GetTickCount
OutputDebugStringW
FindClose
GetCPInfo
FreeEnvironmentStringsW
WideCharToMultiByte
InitializeCriticalSection
GetACP
GetModuleHandleW

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ