659c482ae8b6f714393a32369cd92d6c_JaffaCakes118 | Triage

Sharing

General

Target

659c482ae8b6f714393a32369cd92d6c_JaffaCakes118
Size

175KB
MD5

659c482ae8b6f714393a32369cd92d6c
SHA1

4c6b4030e7e22ae65eb3e5cd430d992d0417da5b
SHA256

d3471156143b1d23fe6853e6d0d43a73394f0859283e150aa490cd8d0e000f4e
SHA512

2f62642203ecd89c8a807c2b10aa029402ee736cc7ca31a59d1f53fe845296920807540b8f082ebc1d2a713b618759cca5249a8d4c7694fa0603226a5f9a0703
SSDEEP

3072:1BhehqH9psZcuh02mk3X/OdYS4kwucdHqptc+RwMYkQEGnj8:1B6qH9M62FfKYVk1cdHqpxYkQ9n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
659c482ae8b6f714393a32369cd92d6c_JaffaCakes118

Files

659c482ae8b6f714393a32369cd92d6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b50164904b65073113fdbc5e5e24bd71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

OutputDebugStringW
LockResource
lstrcpyA
FindClose
GlobalAlloc
GetProcessHandleCount
lstrlenW
WideCharToMultiByte
GetLastError
EnumResourceNamesW
GetTickCount
lstrcpyW
lstrcmpiW
InitializeCriticalSection
MultiByteToWideChar
lstrcpyA
FreeEnvironmentStringsA
GlobalFree
GetCPInfo
GetACP
GetModuleHandleW

user32

SetTimer
GetMessageW
CharNextW
GetDC
PostThreadMessageW
KillTimer
wsprintfW
SendMessageA
CharUpperW
TranslateMessage
DispatchMessageW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoInitialize
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoUninitialize
CoRevokeClassObject
StringFromCLSID

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ