6357f66f24e42212d852bf2bf3d55ac8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6357f66f24e42212d852bf2bf3d55ac8_JaffaCakes118
Size

197KB
MD5

6357f66f24e42212d852bf2bf3d55ac8
SHA1

bce3ee95a975b15856105416acb9a279047ba104
SHA256

fec1b5dd46c420eddaae3f2cf5fa4ee798cba044155ecb5ed1b0d6684e710001
SHA512

0bf466d37ddc0dc06d698310d27b92237fb9a333b7e418aea2c1128ed661bf76647e4c11890a2e7d5b7cb69cd1924b2d25ca5fb6f04d15433f811fed7a12d0c1
SSDEEP

6144:peMOImHMyQ9FBL/ZL6+Mh4Wkc1ExPz4xfUS:XOYFhOfSx0xMS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6357f66f24e42212d852bf2bf3d55ac8_JaffaCakes118

Files

6357f66f24e42212d852bf2bf3d55ac8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6d7026de9c9c937b3e4c64880fa59d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetWindowInfo
MessageBoxW

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

CreateTapePartition
ExitProcess
ClearCommError
GetCPInfo
EnumResourceNamesA
ExitProcess
LCMapStringW
LCMapStringA
GetModuleHandleA
GetProcAddress

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ