773991b926e3b9f1b4a2f4a21e3cdd7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

773991b926e3b9f1b4a2f4a21e3cdd7d_JaffaCakes118
Size

176KB
MD5

773991b926e3b9f1b4a2f4a21e3cdd7d
SHA1

231b933eb72a389c92b16412190d1b9c20356f35
SHA256

5ac2bf42a7d6fd4efb2dab16b81176942ab6c01195dbde653472da8c51dc75b4
SHA512

2cf32ff17011a34b03c3ad7758479c2bf5dc31bcb6281d03f2eafce43bb8ffec0456a35bba1368134a1dfbddc42d29fc161f32b817750366e62bf2b2d8fea79f
SSDEEP

3072:rb5oGkBwLJ6GwRiWqBr5/ZCzwzb0Kf/0wYobaxF2HYLOnTQcDX/ZPq7b:lT6+WWCzwv0KuoGxF2HYSTPJK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
773991b926e3b9f1b4a2f4a21e3cdd7d_JaffaCakes118

Files

773991b926e3b9f1b4a2f4a21e3cdd7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa60c99945bab14d643815115ad7fded

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
StringFromCLSID

kernel32

lstrcpyA
lstrlenW
GetACP
GetLastError
GetTickCount
GetProcessAffinityMask
LockResource
InitializeCriticalSection
GlobalAlloc
GetCPInfo
EnumResourceNamesW
lstrcmpiW
GlobalFree
FindClose
MultiByteToWideChar
OutputDebugStringW
FreeEnvironmentStringsW
lstrcpyW
lstrcpyA
WideCharToMultiByte
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

KillTimer
GetDC
SetTimer
CharUpperW
TranslateMessage
PostThreadMessageW
DispatchMessageW
CharNextW
SendMessageA
GetMessageW
wsprintfW
UnregisterClassA

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ