6f9652ab42621fddfa9868e83df35ce4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f9652ab42621fddfa9868e83df35ce4_JaffaCakes118
Size

164KB
MD5

6f9652ab42621fddfa9868e83df35ce4
SHA1

c8581e9f29d6e31c9088a1dae06d9a0113e229cd
SHA256

591879e1b0ce9bbcb293c379eb814ba49b2a36b3c2a14c98b439c97218f3dfae
SHA512

37d488e2f10d46bf59aa90b7807395ae5184ea6f43291534796a2d9dd307639734fd861c30532d6b66b4bda028421a201492ce7d0a9a03013f56c292f754f245
SSDEEP

3072:47m429V3zKmCMEZ087NCjb2m7L6XiJ49qC5YGN6Zl2SlqaVD4bY:47mVAZNCjqmSiu5XCEgdA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f9652ab42621fddfa9868e83df35ce4_JaffaCakes118

Files

6f9652ab42621fddfa9868e83df35ce4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8bff1fd5dc919a59c284e6f73e72de4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
VirtualProtect
HeapAlloc
ExitProcess
SetUnhandledExceptionFilter
QueryPerformanceCounter
HeapValidate
IsBadReadPtr
GetProcessHeap
EnumResourceTypesA
VirtualQuery
FindFirstFileExA
VirtualAlloc
GetSystemInfo
RtlUnwind
HeapFree

gdi32

GetStockObject

oleacc

GetOleaccVersionInfo
CreateStdAccessibleObject

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ