Static task: static1
Behavioral task: behavioral1
Sample: 886f44b761811781cf659d72d846e48d_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 886f44b761811781cf659d72d846e48d_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 886f44b761811781cf659d72d846e48d_JaffaCakes118
Size: 187KB
MD5: 886f44b761811781cf659d72d846e48d
SHA1: 44d9454fd92d31bf652f71a427c80676eee3acc6
SHA256: f9dccb6cd10c38aa5f0b08516d42771c04521bca49ef218f5bc068f7037e099b
SHA512: 71b0dd3195ba756ff7e1a298fcd833d138a6864b0c8f902e9930e9eb714e4570005826911cd826f34ab24319021f0cb534416aebe776a58764546dcff67f3669
SSDEEP: 3072:ovZTfhV32ZqFxW01OuQFZicufNJJ4vO4Wka0Z4SdJ3jgsW5UNO4cp5rE6M08:0mZqFvQ7alg3jGUNO4OOh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 886f44b761811781cf659d72d846e48d_JaffaCakes118
Files
886f44b761811781cf659d72d846e48d_JaffaCakes118.exe windows:4 windows x86 arch:x86
fc69ebdaa89103c39bb75c3cd7db797e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICOpen
ICSendMessage
ICClose
ICDecompress
kernel32
GetShortPathNameW
IsDebuggerPresent
GetCurrentProcessId
LoadLibraryA
GetCurrentThreadId
GetProcessTimes
UnhandledExceptionFilter
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
EnumResourceTypesA
ExitProcess
CreateFileA
LocalFree
CloseHandle
GetLastError
GetProcAddress
SetUnhandledExceptionFilter
GetVersionExA
ole32
StgCreateDocfile
StgOpenStorage
user32
wsprintfA
wsprintfW
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 884B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ