8e3b81f8b2a1eafebe04691271d1a542_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e3b81f8b2a1eafebe04691271d1a542_JaffaCakes118
Size

175KB
MD5

8e3b81f8b2a1eafebe04691271d1a542
SHA1

1be231d65bf444c2c57cebbc6cbf26524d30e258
SHA256

c06d3035e82f1b0ccd793c5719d85ad50db71ccf771027de4667c7a112b1caf5
SHA512

d9a1fd2d86cb6f3b9b7a5be83b48a131b013d1e3611226771886782d9c2f77f28fd6809f00a8b46a76235011e4736d195ce528ecab384d445a8a7d0e40225513
SSDEEP

3072:Xx83mfg+7dEqAsAat/cGypxbhsco15WAyOfS/vOHfeN1lfHsqj:9liqnAUcJxNscofiyS/1Hv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e3b81f8b2a1eafebe04691271d1a542_JaffaCakes118

Files

8e3b81f8b2a1eafebe04691271d1a542_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e25b485f3f31f9905b62a2c80ca97d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoRegisterClassObject
CoTaskMemRealloc
StringFromGUID2
CoRevokeClassObject
CoInitialize
CoCreateInstance
StringFromCLSID

user32

GetMessageW
KillTimer
wsprintfW
GetDC
SendMessageA
CharUpperW
PostThreadMessageW
CharNextW
TranslateMessage
SetTimer
DispatchMessageW
UnregisterClassA

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

lstrcpyA
LockResource
WideCharToMultiByte
GlobalFree
GetProcessAffinityMask
GetACP
MultiByteToWideChar
InitializeCriticalSection
EnumResourceNamesW
lstrcpyW
OutputDebugStringW
GetCPInfo
lstrcpyA
lstrlenW
lstrcmpiW
GetTickCount
FreeEnvironmentStringsW
GetLastError
GlobalAlloc
FindClose
GetModuleHandleW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ