949f4be062b879e972cd297e1fb26691_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

949f4be062b879e972cd297e1fb26691_JaffaCakes118
Size

173KB
MD5

949f4be062b879e972cd297e1fb26691
SHA1

32b86fdcec5887c7b63ac100af19d2d3b94105ef
SHA256

438b3aef86da78e5d6d1b6ec90b3e4edfde4c08503a30f88da8a345972f0897e
SHA512

31006bd4b6988e77789c1bea2bc9b082d121763ec54fe3b4c51daeb709d5170e6bba5d47104e4d76fc3263b3524e90c037c151108998ad9c770d1dff79bdc905
SSDEEP

3072:t31EVvGo9Kdfv8YaWVOmdiMUoAEUj7fYFIMxvxxPTHs2WEg:N+BKNv8YTiMgEkfYJFM2w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
949f4be062b879e972cd297e1fb26691_JaffaCakes118

Files

949f4be062b879e972cd297e1fb26691_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a667046fdcb66c18c0269ac42723902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SendMessageA
KillTimer
SetTimer
GetMessageW
TranslateMessage
DispatchMessageW
GetDC
PostThreadMessageW
CharUpperW
wsprintfW
CharNextW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoInitialize
CoUninitialize
CoRegisterClassObject
CoTaskMemAlloc
CoRevokeClassObject
CoCreateInstance
CoTaskMemRealloc
StringFromGUID2
CoTaskMemFree
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

lstrcmpiW
GlobalFree
lstrcpyA
GetLastError
GetProcessAffinityMask
OutputDebugStringW
GetCPInfo
GlobalAlloc
GetTickCount
EnumResourceNamesW
lstrcpyW
LockResource
lstrlenW
FindClose
lstrcpyA
InitializeCriticalSection
FreeEnvironmentStringsW
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ