41bedb64a66a42428421a0c68cf837b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41bedb64a66a42428421a0c68cf837b5_JaffaCakes118
Size

163KB
MD5

41bedb64a66a42428421a0c68cf837b5
SHA1

2314560ebfd441a4af889e9b6e8031652b275e90
SHA256

91657b50f208de50fd41e2cb9a590458ab342f94a0a5905199ba448ca112ca04
SHA512

17fbdbabfa6f8487071b78df07b9a891de91490b93eb374f6d19d25d5970817d579deba33abb0f302b298d7a6c5acbd68762f5948c0054a65e69ecc987520b73
SSDEEP

3072:wQuZDArdNDVg5svPg35b0t9f1W7u90/DNAs8jZk+GeUjEfYdsnFn34CN:wQmUrdBGCvPg35b0t9f1WP5AZc3iYdlC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41bedb64a66a42428421a0c68cf837b5_JaffaCakes118

Files

41bedb64a66a42428421a0c68cf837b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8380ba2c99c45599a1a05facc17231c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

CharNextW
SendMessageW
KillTimer
DispatchMessageW
GetMessageW
PostThreadMessageW
SetTimer
GetDC
wsprintfW
CharUpperW
TranslateMessage
UnregisterClassA

kernel32

lstrcpyW
GlobalAlloc
GetACP
DeleteCriticalSection
GetLastError
LockResource
CheckRemoteDebuggerPresent
GetCPInfo
MultiByteToWideChar
EnumResourceTypesA
GlobalFree
lstrcpyA
lstrcpyW
OutputDebugStringW
InitializeCriticalSection
GetTickCount
lstrlenW
lstrcmpiW
WideCharToMultiByte
FindClose
GetModuleHandleW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ