316ada89d4a0ca97e7f36da3316220e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

316ada89d4a0ca97e7f36da3316220e5_JaffaCakes118
Size

164KB
MD5

316ada89d4a0ca97e7f36da3316220e5
SHA1

0ea99bbed26da47bbbe789d6872540676d369623
SHA256

ed4ffac360c18d734f9cfb8fd69a9027f50e71f0e6574ba05c1ec3c21176d8ca
SHA512

01d6a99bf6d67d36b29d6701be618f003ffaec308aff78238311d35597e53294a9f46bd73662dc8fa3d9143e72d97ad665ed486c89e31b81d25a959741a65d9e
SSDEEP

3072:GV/lwezh9l2lR1p1tEWl6Fm2A0rDm6iYR0nMCguhaCmSRCsnuf:U/lDzWeWl4m2A0rEYRerguchsnuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
316ada89d4a0ca97e7f36da3316220e5_JaffaCakes118

Files

316ada89d4a0ca97e7f36da3316220e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f41559ae4ba9b7b157d7e34a6dd2e14f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject

kernel32

lstrcpynW
TlsGetValue
CheckRemoteDebuggerPresent
TlsFree
EnumResourceTypesW
InitializeCriticalSection
TlsAlloc
HeapCreate
GetStartupInfoA
GetFileType

user32

GetParent
CreateWindowExW
RegisterClassExW
MessageBoxW
GetDC
LoadCursorW
GetWindowInfo
EndDialog

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ