38605b49647c7419debbd66d5a7b9386_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38605b49647c7419debbd66d5a7b9386_JaffaCakes118
Size

155KB
MD5

38605b49647c7419debbd66d5a7b9386
SHA1

7b761afbfca9e4de8a5a35f06e5b30554cc730e1
SHA256

58d5c1c9572b53a0aa97da9fa44e9dc53bdcb88bcbf03e8a6000162bb3704515
SHA512

89b7f85b74a84a17f5e73cd22504b7d67b7b6cf7ee7f70cdc408a9026311f828fe51b257c046ddc6ac5977c0108f5a5c6f0b29dc91f5ef82fa23d840debeee2f
SSDEEP

3072:mGB/ZOiLbhgDA+m/kDy4te21Yc50wyKdKaeYoPn9y00pKeJyf7:m0hZLb67m7WR1Yc+oK5lncK2yT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38605b49647c7419debbd66d5a7b9386_JaffaCakes118

Files

38605b49647c7419debbd66d5a7b9386_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b4297044b5554630c4e1e81217f4984

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

lstrcmpiW
lstrcpyA
FindClose
GlobalFree
GetProcessAffinityMask
GetTickCount
MultiByteToWideChar
LockResource
EnumResourceNamesW
GetLastError
lstrcpyA
GetACP
GetCPInfo
WideCharToMultiByte
lstrcpyW
FreeEnvironmentStringsW
lstrlenW
GlobalAlloc
OutputDebugStringW
InitializeCriticalSection
GetModuleHandleW

user32

wsprintfW
PostThreadMessageW
GetMessageW
SetTimer
CharNextW
CharUpperW
KillTimer
DispatchMessageW
GetDC
SendMessageA
TranslateMessage
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoUninitialize
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
StringFromCLSID

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ