8b2b45e2040863dbcc1425c12672bfec_JaffaCakes118 | Triage

Sharing

General

Target

8b2b45e2040863dbcc1425c12672bfec_JaffaCakes118
Size

164KB
MD5

8b2b45e2040863dbcc1425c12672bfec
SHA1

e9f8d0489a04f177d2e8918931dd93b9af091374
SHA256

489b97cfa9e9a7098e8526c5922c164c7566c449f29ca62f89b9c7a88825bbdf
SHA512

0324c9b84568096972cd53d5e5f3855edfaef21870dc6f8db93478b8b32ad7aa01e6d67dd13433c241531121268d3f69aa6dad23b7b4b67f86abf37583f8d90b
SSDEEP

3072:lNFrU9ZxyPJm9aEOoyQ8P00p+BnMVS43SKPFVUsdEEgUyAi663Pnu8kQ0L16:FrLPJbHQ8bp+BMVSoSCKCZiAiLPnm/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b2b45e2040863dbcc1425c12672bfec_JaffaCakes118

Files

8b2b45e2040863dbcc1425c12672bfec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f00a92759606f57617e17dc15f666f71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoRegisterClassObject
CoRevokeClassObject
StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
StringFromCLSID

shlwapi

PathCombineW
PathFileExistsW

kernel32

FindClose
lstrcpyA
GetACP
DeleteCriticalSection
GetTickCount
CheckRemoteDebuggerPresent
lstrlenW
lstrcmpiW
OutputDebugStringW
WideCharToMultiByte
EnumResourceNamesA
LockResource
GetCPInfo
MultiByteToWideChar
InitializeCriticalSection
lstrcpyA
lstrcpyW
GlobalFree
GlobalAlloc
GetLastError
GetModuleHandleW

user32

PostThreadMessageW
TranslateMessage
CharUpperW
KillTimer
GetMessageW
SetTimer
DispatchMessageW
GetDC
CharNextW
SendMessageW
wsprintfW
UnregisterClassA

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ