Static task: static1
Behavioral task: behavioral1
Sample: 708d5c3beea10978dc19cd7429797fba_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 708d5c3beea10978dc19cd7429797fba_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 708d5c3beea10978dc19cd7429797fba_JaffaCakes118
Size: 252KB
MD5: 708d5c3beea10978dc19cd7429797fba
SHA1: 91c2f8c7586539e9af3230414fbbb8f723925214
SHA256: 89ea3b08b3b33c4ebfc36f7d74bbfbe002485fde86d7be2a2f2187b5a9222d93
SHA512: d5a0a97be0a023219efbadbc6c60800b7a4d33cc98a81e01f35095ed5eafa025d4df5fa5d2477309c035f27bce91199af7a1b136148683347532003f9a2e57c1
SSDEEP: 6144:AJO9UYc5jO31c1INE9E6T0Hv7b8BvNAOh6LlMTtWrZwYFiofEfkrKwfH:gYc5j21jNE9ECW7bwNAOC2TsrRioM8rl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 708d5c3beea10978dc19cd7429797fba_JaffaCakes118
Files
708d5c3beea10978dc19cd7429797fba_JaffaCakes118.exe windows:4 windows x86 arch:x86
3cb1d7c4660a57caea59a7b69cbd4dfe
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentStringsW
RtlUnwind
CreateSemaphoreW
LoadResource
ReleaseSemaphore
GetSystemDirectoryW
GetModuleHandleW
GetModuleFileNameW
CreateFileW
GetLocalTime
HeapDestroy
GetVersionExA
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentThreadId
GetLastError
LocalFree
GetVersionExW
HeapFree
HeapReAlloc
HeapAlloc
CreateSemaphoreW
ReleaseSemaphore
oleaut32
GetRecordInfoFromTypeInfo
OleLoadPicture
VariantChangeTypeEx
SysReAllocStringLen
OleLoadPictureFileEx
VariantClear
OleLoadPictureEx
wtsapi32
WTSRegisterSessionNotification
Sections
.text Size: 127KB - Virtual size: 206KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 122KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 254B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ