69251e25a27df770a4e22dc1e537072d_JaffaCakes118 | Triage

Sharing

General

Target

69251e25a27df770a4e22dc1e537072d_JaffaCakes118
Size

180KB
MD5

69251e25a27df770a4e22dc1e537072d
SHA1

be1e926112a5e8a96a74b29cb4ae260000c184e9
SHA256

abab4d47df4526f2aa83f9e26aaa4305e02a19160e36a3725ce12b9fc928a3b8
SHA512

09c75c3a37b892639f7567a190845243929393c0a81ada7de3371da27b3140a741d6e17d7d3c0fdbb123c48183c17af10579fe6c787ffbace2f8b2f48bb70668
SSDEEP

3072:r8OcDn7lRP/zxWC7HHeRbm1OweLcIF7lTtdWLev9IknDRUl91OyBX0oMw408O:r8OcDnRRP/N5iRbqOeIllTtdWLev9Jna

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69251e25a27df770a4e22dc1e537072d_JaffaCakes118

Files

69251e25a27df770a4e22dc1e537072d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b28eb699d26b66b3a396cf059eef7eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
UrlCombineW
UrlGetPartW
UrlApplySchemeW
UrlCanonicalizeW
PathAppendW

wtsapi32

WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSUnRegisterSessionNotification
WTSFreeMemory
WTSRegisterSessionNotification

kernel32

HeapFree
SetUnhandledExceptionFilter
LCMapStringA
GetStringTypeW
RtlUnwind
GetStringTypeA
GetACP
GetCurrentProcess
EnumResourceTypesW
GetOEMCP
LCMapStringW
LZCopy
LoadLibraryA
IsDebuggerPresent
VirtualAlloc
InterlockedExchange
GetCPInfo
WriteFile
GetLocaleInfoA

msimg32

TransparentBlt

oleacc

GetOleaccVersionInfo
AccessibleObjectFromEvent

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ