73773889ff34e563d8a3cd59d34a21c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73773889ff34e563d8a3cd59d34a21c9_JaffaCakes118
Size

174KB
MD5

73773889ff34e563d8a3cd59d34a21c9
SHA1

bd40e6e2a98a12a138f060f199bedd6daafeab12
SHA256

c5201bb4451f9256a62b73c568ae400cbb758ad1ef7735cb37bb6e9950be893e
SHA512

740d03b591d5c28aa97bc9de70e94e695117b155381ea927259da2358b7140433fbdaa85ef2066ddf5d46e3972fb2c34ef8df56a4443861efa297620788ac280
SSDEEP

3072:pcEMMwp0KNMAFZlWFurI1hjvxAxFWubVz4frJGza9naOij:uZMcLWFmqjvxAxFWTDJhlpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73773889ff34e563d8a3cd59d34a21c9_JaffaCakes118

Files

73773889ff34e563d8a3cd59d34a21c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7888328acb6ee33cf4d54ad386ac92c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSRegisterSessionNotification

oleacc

LresultFromObject
AccessibleObjectFromPoint

kernel32

HeapReAlloc
GetCurrentProcessId
WriteFile
HeapFree
HeapFree
GetSystemTime
GetProcessHeap
lstrlenW
lstrlenA
LocalAlloc
WideCharToMultiByte
SetUnhandledExceptionFilter
HeapDestroy
GetModuleHandleA
GetACP
CreateProcessA
GetStartupInfoA
GetCurrentThreadId
GetThreadLocale
GetCurrentProcess
GetEnvironmentVariableA
EnumResourceTypesA
HeapSize
GetLocaleInfoA
MultiByteToWideChar
InterlockedExchange
Sleep
LoadLibraryExW
HeapAlloc
CompareFileTime
LoadLibraryW
SystemTimeToFileTime
CreateFileW
CloseHandle
TerminateProcess
GetSystemTimeAsFileTime
InterlockedCompareExchange
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
GetStdHandle
UnhandledExceptionFilter
RaiseException
lstrcpynW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ