Static task
static1
Behavioral task
behavioral1
Sample
864637bef5494c0e3108fb513b11dd6d_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target
864637bef5494c0e3108fb513b11dd6d_JaffaCakes118
Size
180KB
MD5
864637bef5494c0e3108fb513b11dd6d
SHA1
13ff937d3a7664d623da2c181502ce8e1f332faa
SHA256
5d4b6099d4aae6eb6b3b8a4ddcf87816ab8d65d604adf3cd333efbce3bea7664
SHA512
3bbaba17cddd8a416cbe9769e379c5c353b955671de594f501eb3f759e7c012363aab41dd983dca63442621f015646f057fef6c44f540f072091e6482c8195ba
SSDEEP
3072:j92LBEvAcMfqQuki45wlf7QG8+/yyVhoM3tYpAzu2stAfmEcEhfeE65Z73xknRde:j9qjbjhjwEGBH+M3tY2u2vS3E65wzv2Z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 864637bef5494c0e3108fb513b11dd6d_JaffaCakes118
Files
864637bef5494c0e3108fb513b11dd6d_JaffaCakes118.exe windows:4 windows x86 arch:x86
467f995ddcfa0b0ac799f760cb1e19a1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
BaseInitAppcompatCacheSupport
CloseHandle
GetDiskFreeSpaceA
lstrcpyA
GetSystemDirectoryA
CreateProcessA
lstrlenW
GetModuleFileNameA
EnumResourceTypesA
Sleep
WideCharToMultiByte
FindFirstFileA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
GetSystemInfo
IsBadReadPtr
MoveFileExA
gdi32
GetStockObject
oleacc
AccessibleChildren
CreateStdAccessibleProxyA
Sections
.text Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ