242bdc900358ebce34a8e308c8474a8f_JaffaCakes118 | Triage

Sharing

General

Target

242bdc900358ebce34a8e308c8474a8f_JaffaCakes118
Size

155KB
MD5

242bdc900358ebce34a8e308c8474a8f
SHA1

0922c97e75cf65676be06afeb6dac6d028ad1ec0
SHA256

ca8273a2244dd513a657cf31acc2e2c25a418f8a7698e19d82ffc9f3d68348a2
SHA512

9b32f80be2af626e90a9a53eb079ee76961723aba20a9b2bcd3462f7f9d843960414ec13c3584f6135b1947f8d9a576b15f0c6b673bc85e304294748e445696b
SSDEEP

3072:Kt7yZId6MrTDlCst/XwrCOPf+xQ6swlGV+m4ODuFOWFUiexcfU4w:myO6cThCstv1efOQ1jV+FWZWFSAU4w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
242bdc900358ebce34a8e308c8474a8f_JaffaCakes118

Files

242bdc900358ebce34a8e308c8474a8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68b45ed549e7a16fcd205c9d4c31f65c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

DeleteCriticalSection
lstrcpyA
GlobalAlloc
GetTickCount
CheckRemoteDebuggerPresent
lstrcpyW
MultiByteToWideChar
GetLastError
EnumResourceNamesA
WideCharToMultiByte
lstrlenW
lstrcmpiW
lstrcpyA
LockResource
OutputDebugStringW
GetCPInfo
GlobalFree
InitializeCriticalSection
GetACP
FindClose
GetModuleHandleW

user32

GetDC
CharUpperW
TranslateMessage
KillTimer
wsprintfW
CharNextW
SendMessageW
GetMessageW
PostThreadMessageW
SetTimer
DispatchMessageW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemFree
CoRegisterClassObject
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoUninitialize
CoInitialize
StringFromGUID2
StringFromCLSID

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ