a2338a19fa2b5265329b64e83179ea57_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2338a19fa2b5265329b64e83179ea57_JaffaCakes118
Size

275KB
MD5

a2338a19fa2b5265329b64e83179ea57
SHA1

aff8416d626032bf62ac653ea5266f0f38bc3b1b
SHA256

61b9d6864df1c3db5af5dc25a476a07beafa1dc4e9690df5e1e3f2fcfa42b878
SHA512

aff76fc74f2ca251320a5aa2cba5079c56a27685db4134c3835ec19c00e144fa363194c0a8c86a1930bf22fb607a26872c6cebedfd1f79a38eed53a1eee2d956
SSDEEP

6144:Y1fxWFQVSreZnlWO9gUujtjIEOtoy0U/ieU:6xAGIAl59gUIxI9XB/7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2338a19fa2b5265329b64e83179ea57_JaffaCakes118

Files

a2338a19fa2b5265329b64e83179ea57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38f3a056db71274f9525b3fbb668eb3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
HeapAlloc
LoadLibraryExA
IsDBCSLeadByte
ReadFile
lstrcpyA
SizeofResource
InterlockedDecrement
EnumResourceTypesA
FreeLibrary
LoadResource
WideCharToMultiByte
FindFirstFileExW
lstrlenW
FindResourceA
lstrcmpiA
lstrcpynA
GetModuleHandleA
CreateFileA
InterlockedIncrement

gdi32

GetStockObject

oleacc

GetOleaccVersionInfo
CreateStdAccessibleObject

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ