2b774330c2e7ec77112b95cf9319a9d3_JaffaCakes118 | Triage

Sharing

General

Target

2b774330c2e7ec77112b95cf9319a9d3_JaffaCakes118
Size

167KB
MD5

2b774330c2e7ec77112b95cf9319a9d3
SHA1

ea0e41022d8f82be655dc9237f3b6e560e84dce8
SHA256

d0c8c485ffa28a02fa64f1a15197a6a1ad5931db26f00acfd6ab3b8e8d04e579
SHA512

74462b64fba31a2a3282675b184860062736149619daf95d4ecd69b01f9ef56ec835795c2ad0fae122b1bdaf4637092e30e25395a617e15592523433283bbef0
SSDEEP

3072:ljCoogYeZEcpONQ2Au9lbB0lrW5q7QiFDcE833a8YPxcUXXWExxJY63y:lj9/7ZlODVlbB0lBAha86NJjy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b774330c2e7ec77112b95cf9319a9d3_JaffaCakes118

Files

2b774330c2e7ec77112b95cf9319a9d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

361730521f63acc32c3a5c8249d3d804

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

lstrcpyW
lstrcpyA
OutputDebugStringW
LockResource
lstrlenW
GetTickCount
GetProcessAffinityMask
lstrcpyA
GetACP
EnumResourceNamesW
GlobalAlloc
WideCharToMultiByte
lstrcmpiW
InitializeCriticalSection
FreeEnvironmentStringsW
FindClose
MultiByteToWideChar
GetCPInfo
GlobalFree
GetLastError
GetModuleHandleW

user32

TranslateMessage
GetMessageW
wsprintfW
CharNextW
SetTimer
CharUpperW
GetDC
KillTimer
PostThreadMessageW
SendMessageA
DispatchMessageW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemFree
CoRevokeClassObject
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
StringFromGUID2
CoRegisterClassObject
CoInitialize
CoTaskMemAlloc
StringFromCLSID

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ