869cf58dc56d0eae71584e05856a6e89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

869cf58dc56d0eae71584e05856a6e89_JaffaCakes118
Size

176KB
MD5

869cf58dc56d0eae71584e05856a6e89
SHA1

246bcca8cdbca80f962f0a2859ad9b2ac3bcf635
SHA256

d553fcc52df8af6edd88375e68dfb2d1cfc6be49c99b6e0b044812f8150199b1
SHA512

36e91df179ed8b5204442f520db36deba7094da46d20d604acd0c2728354c5244d2e5336bb237bbd6722a67d9ad9fe8d8b2d0e55b3005d42f8623f15e35a8c0e
SSDEEP

3072:SsqaCGaja8sDzVAN03dEoK5GFCpmyXpL23nmGAMftzShQKoQ9VA+p6WT0oTBgHtg:JAvjaFDSFod6oftWhQKomIm0150

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
869cf58dc56d0eae71584e05856a6e89_JaffaCakes118

Files

869cf58dc56d0eae71584e05856a6e89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb660d9fdffc548ab508fcc99efff8f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WideCharToMultiByte
GlobalAlloc
lstrcpyA
lstrcpyW
lstrcpyA
CheckRemoteDebuggerPresent
DeleteCriticalSection
lstrlenW
EnumResourceNamesA
FindClose
GetLastError
MultiByteToWideChar
OutputDebugStringW
GetCPInfo
InitializeCriticalSection
lstrcmpiW
GetACP
GetTickCount
LockResource
GlobalFree
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathCombineW
PathFileExistsW

user32

KillTimer
GetDC
DispatchMessageW
SendMessageW
TranslateMessage
CharUpperW
GetMessageW
CharNextW
wsprintfW
SetTimer
PostThreadMessageW
UnregisterClassA

ole32

CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
StringFromCLSID

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ