Static task: static1
Behavioral task: behavioral1
Sample: 886853e2a93eee0d443b6cf464c95168_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 886853e2a93eee0d443b6cf464c95168_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 886853e2a93eee0d443b6cf464c95168_JaffaCakes118
Size: 98KB
MD5: 886853e2a93eee0d443b6cf464c95168
SHA1: 311e6984944f0941867cc5ad526c0c57bdee21dc
SHA256: 4638b628cdc751d5debdb282e0415ebc0e8be03160acce2453348c3f9f1145ab
SHA512: 44e791f742271ea4f02ae8046ab1f1a60e6631c23b6a3590d56bb621a740b1db432654a8357db998616e4d3b28180a33fd5b45a51d12e1e477c3289b0ca3919e
SSDEEP: 3072:j2pqROdcY2PXEe8v0JNPgeEiq+YAKh02A0Ax:jrJObzPALt0g
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 886853e2a93eee0d443b6cf464c95168_JaffaCakes118
Files
886853e2a93eee0d443b6cf464c95168_JaffaCakes118.exe windows:4 windows x86 arch:x86
3e1c60ffbfe6d6c35c9620271a34211b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
DisableThreadLibraryCalls
CompareStringA
GetSystemDirectoryA
lstrcmpW
VirtualProtect
VirtualQuery
lstrcatA
GetDriveTypeA
VirtualAlloc
lstrcpynA
GetLastError
RtlUnwind
GetOEMCP
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateDirectoryA
VirtualFree
RaiseException
lstrcmpA
InterlockedCompareExchange
GetModuleHandleA
user32
SetWindowPos
GetSystemMetrics
CreateWindowExA
ole32
CoUninitialize
StringFromGUID2
CLSIDFromString
CoTaskMemRealloc
CoCreateInstance
CoInitialize
oleaut32
LoadTypeLi
LoadRegTypeLi
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1004B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ