Static task
static1
Behavioral task
behavioral1
Sample
245c4f319281e6008801a16697d59ef1_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target
245c4f319281e6008801a16697d59ef1_JaffaCakes118
Size
97KB
MD5
245c4f319281e6008801a16697d59ef1
SHA1
aa6149a0cfcce3b7572f692ae36943b5bb4e5b26
SHA256
11ac19ffa61907fdd065f2796ce3615f6f225674b5fc7faa39f0d5535799a32e
SHA512
9152e3f67f6efd6b0246ddf62e0c5e5d3032852d927ea4417a26c821666d460ef610b8ccb0e27aaba026d7570f9694aa94a5e21b7aae24b5311f228ba8e430e2
SSDEEP
1536:UXLbe4yX0khXTVFu/BmbY7qzENqGQcuTToCJ+9xxaic9eZQ7z66u6mApxwGyxWgh:U7O0sTVFuHbqGQPJE9nEvz6QFQmH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 245c4f319281e6008801a16697d59ef1_JaffaCakes118
Files
245c4f319281e6008801a16697d59ef1_JaffaCakes118.exe windows:4 windows x86 arch:x86
b9f042ec105ed8204787a5d2612339c6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsDebuggerPresent
HeapFree
GetACP
RtlUnwind
GetCPInfo
WriteFile
SetUnhandledExceptionFilter
GetOEMCP
LoadLibraryA
EnumResourceTypesW
GetStringTypeW
LCMapStringA
FindFirstVolumeMountPointA
GetStringTypeA
GetCurrentProcess
InterlockedExchange
LCMapStringW
VirtualAlloc
GetLocaleInfoA
msimg32
TransparentBlt
oleacc
GetOleaccVersionInfo
AccessibleObjectFromEvent
Sections
.text Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 716B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ