84c754d7f8fd3bb48c50b42b8c52f8d0_JaffaCakes118 | Triage

Sharing

General

Target

84c754d7f8fd3bb48c50b42b8c52f8d0_JaffaCakes118
Size

160KB
MD5

84c754d7f8fd3bb48c50b42b8c52f8d0
SHA1

bde4761e1d2cc8c9862327edc56998058f8b8f9f
SHA256

2932522dfe8a171015869d1fe34e6718aea785129683fecc2bb00c3e1ed3ace5
SHA512

23ccd21845184aedc136a30879fad01b25bd86adfd1d5e47c3122b78f09fbaa5b4265a12d0372427fa81156fa42f0af5d8cb50eb9e38a8e7d97b808dd94703b3
SSDEEP

3072:rs+Eng1nzKe51xW0PWHRbL1KLtIYD3ufHJIJIhXxtf62YodhqBEn2LpI/cXik1ld:rHE+IMWHRNqtIKceAXLNYoL920kzd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84c754d7f8fd3bb48c50b42b8c52f8d0_JaffaCakes118

Files

84c754d7f8fd3bb48c50b42b8c52f8d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

236d187fe8e7b8971bb00deb7834ec40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

SystemTimeToFileTime
LoadLibraryExW
HeapFree
CreateProcessA
GetStdHandle
GetCurrentProcess
lstrlenA
GetCurrentProcessId
GetCurrentThreadId
WideCharToMultiByte
GetLocaleInfoA
CreateFileW
HeapReAlloc
GetThreadLocale
LocalAlloc
TerminateProcess
GetStartupInfoA
lstrlenW
GetEnvironmentVariableA
InterlockedCompareExchange
Sleep
CloseHandle
EnumResourceTypesW
MultiByteToWideChar
GetACP
GetProcessHeap
GetTickCount
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
LoadLibraryW
IsDebuggerPresent
RaiseException
InterlockedExchange
CompareFileTime
HeapFree
HeapAlloc
GetSystemTime
QueryPerformanceCounter
WriteFile
HeapSize
HeapDestroy
GetModuleHandleA
UnhandledExceptionFilter
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ