3d651ad1be13536a36ce0c3049ee3211_JaffaCakes118 | Triage

Sharing

General

Target

3d651ad1be13536a36ce0c3049ee3211_JaffaCakes118
Size

262KB
MD5

3d651ad1be13536a36ce0c3049ee3211
SHA1

c1dab1376ef7e291ed1c15a65a2ed71c8f13cbfe
SHA256

f9df7a36c25ea621a047f9d87adc12f17e627ba768a2d09410fa2abab78428ea
SHA512

f15e81c8fcdacbaa553a671b5a22bac89d0fcde8c26ba070f6f1487b2942c0a7d071ba86674108d58206de71f14b3219d1137d5efa00fbf2ef53c9865eaafbfb
SSDEEP

6144:SsoZTjWxJAv4OH/s9Wgp8JzYHS5vKXRtW+DPDNaTiq85Dmir:9o9jW/AgOH/sQgqYHWvK/W2aTi9DRr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d651ad1be13536a36ce0c3049ee3211_JaffaCakes118

Files

3d651ad1be13536a36ce0c3049ee3211_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc7aa1681f28cd7d2ee146963d30c877

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemory

kernel32

GetStartupInfoA
SystemTimeToFileTime
HeapSize
HeapFree
GetACP
GetTickCount
lstrlenA
WriteFile
GetProcessHeap
GetSystemTimeAsFileTime
HeapDestroy
TerminateProcess
LoadLibraryExW
lstrlenW
GetLocaleInfoA
CreateProcessA
WideCharToMultiByte
CreateFileW
GetCurrentThreadId
UnhandledExceptionFilter
GetEnvironmentVariableA
SetUnhandledExceptionFilter
LocalAlloc
EnumResourceTypesA
GetSystemTime
InterlockedCompareExchange
LoadLibraryW
IsDebuggerPresent
CloseHandle
HeapAlloc
CompareFileTime
GetModuleHandleA
GetStdHandle
InterlockedExchange
MultiByteToWideChar
GetCurrentProcessId
Sleep
GetThreadLocale
HeapFree
QueryPerformanceCounter
RaiseException
GetCurrentProcess
HeapReAlloc
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromPoint

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ