Static task: static1
Behavioral task: behavioral1
Sample: 861d3caba86d3552ca73f55edce2deea_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 861d3caba86d3552ca73f55edce2deea_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 861d3caba86d3552ca73f55edce2deea_JaffaCakes118
Size: 286KB
MD5: 861d3caba86d3552ca73f55edce2deea
SHA1: 3c18d86bdab910a68cb747f8eb6f4e0f5afe25c0
SHA256: f7764de2028912ad8ed10997b130ecfc1dfd1765fb957a17322f636d9ca0d518
SHA512: 92f98d036a00203389f0bf8bef44a3ca6414c05a788e9e4a85b2311cb1dd188b7ad0500c86091385fab7ac1eada113491e95e4880a517b30dcd1d033c33c0e2a
SSDEEP: 6144:/eNCBVXonqz66XtDxxl1H3rUe3jorI7XvT3ZosZq8cVHs+3:/eghmZ6dH3H31773ZoUq8WsI
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 861d3caba86d3552ca73f55edce2deea_JaffaCakes118
Files
861d3caba86d3552ca73f55edce2deea_JaffaCakes118.exe windows:4 windows x86 arch:x86
64f6cd66530be3a85feab74be077ba4b
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetProcessHeap
  VirtualAlloc
  VirtualFree
  OpenEventA
  IsProcessorFeaturePresent
  LoadLibraryA
  InterlockedCompareExchange
  GetThreadLocale
  GetLocaleInfoA
  GetACP
  HeapSize
  HeapDestroy
  GetVersionExA
  FreeLibrary
  LoadLibraryW
  GetProcAddress
  GetCurrentThreadId
  GetLastError
  LocalFree
  GetVersionExW
  HeapFree
  HeapReAlloc
  HeapAlloc
  FindResourceExW
  FindResourceW
oleaut32
  OleSavePictureFile
  OleCreatePropertyFrame
  SafeArrayGetRecordInfo
  SysReAllocStringLen
  OleLoadPictureFileEx
  CreateTypeLib
  OleLoadPictureFile
msvfw32
  ICInfo
Sections
.text Size: 185KB - Virtual size: 213KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 984B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 98KB - Virtual size: 97KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 282B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ