Static task: static1
Behavioral task: behavioral1
Sample: a86f0bcd2b1c09d6c74da6c5884226a3_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: a86f0bcd2b1c09d6c74da6c5884226a3_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a86f0bcd2b1c09d6c74da6c5884226a3_JaffaCakes118
Size: 60KB
MD5: a86f0bcd2b1c09d6c74da6c5884226a3
SHA1: 18db47bc7d0933646f0794258ad7056f44f67ba8
SHA256: 76decb94f4c757a503d6a0dcce9fdc1b358cf63790c805f5a216ef1ac4d2f379
SHA512: 30b441e20af365d4a825a6d9e331d1547c90db66403507a900badba66169f3a1cec2437ba6b00065c0efeadd843c52093db8601a30666ae34d109eb3fde32a08
SSDEEP: 1536:7105m6t1tHcIpj/fI4YBRBcQ14xVR1W8vWgT:7C5m6BJpj/g4rxVPWg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a86f0bcd2b1c09d6c74da6c5884226a3_JaffaCakes118
Files
a86f0bcd2b1c09d6c74da6c5884226a3_JaffaCakes118.exe windows:4 windows x86 arch:x86
233d43c85d3e6d8c909589d1c7274413
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetCursor
LoadImageA
GetMessageA
DrawTextA
kernel32
SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep
ole32
CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
code Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE