a105f5546cebe7063a30ffac099510a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a105f5546cebe7063a30ffac099510a7_JaffaCakes118
Size

182KB
MD5

a105f5546cebe7063a30ffac099510a7
SHA1

f353c15ae3a90844f60209492ac04fdedc933fdb
SHA256

0fb7f335e612bab1363acc507d53ed7c3320647e73a65fa5dee4df6b09d64c63
SHA512

1d5a0df3811d1cebfbbbf5b7d60139d8155808f4f7b3256a065466465240672a2744f7b39e116e992256cf75c4397b1a32cdd024aa38b24819256d1519ed0229
SSDEEP

3072:jWBz81+W1gMoa7vnpQ1Ssrmb03W0Cxz8GksuCjY5jzcW1:jW/W1Ea7hOS8mm3y8T8Y5zcW1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a105f5546cebe7063a30ffac099510a7_JaffaCakes118

Files

a105f5546cebe7063a30ffac099510a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c3d5e085513b4862c8c78baca4dcfa2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromIID
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA

kernel32

IsDebuggerPresent
GetModuleHandleA
VirtualQueryEx
WideCharToMultiByte
GetLocaleInfoA
UnhandledExceptionFilter
lstrlenA
MultiByteToWideChar
QueryPerformanceCounter
CreateProcessA
GetCurrentProcessId
ExitProcess
lstrlenW
LocalAlloc
GetTickCount
RaiseException
EnumResourceNamesW
GetSystemTimeAsFileTime
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCPInfoExW
GetStartupInfoA
GetEnvironmentVariableA
InterlockedCompareExchange
InterlockedExchange
GetCurrentProcess
GetACP
Sleep
GetThreadLocale

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ