Sample
a5b70c850e56651961a8d04940b2a045_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target
a5b70c850e56651961a8d04940b2a045_JaffaCakes118
Size
179KB
MD5
a5b70c850e56651961a8d04940b2a045
SHA1
8d0e09c8baf9a1da39c2fbde8c0b652f605ab601
SHA256
68a6c6f19cf84fe9cd8fdfdb01614bc1c0f30b5570fd2196a45b43e015d05eb3
SHA512
73622d45ca820d52fdafa5661677a4f50ae5b9492521561baa95b8bcf9e259c570edfafa89d749af9c055c761d4c2237fd52c7a1f871a84c44f4a57ae7fd7962
SSDEEP
3072:6YWUl5rtZDUUS+5tc8VYDznS1Cf4R6SEHGqOPv80mgJP7SCcZ6Iu6C9Xnx9mgRuq:pWItZg4tjYDrIjREhr0mgJP7SFZ6xzXr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a5b70c850e56651961a8d04940b2a045_JaffaCakes118
Files
a5b70c850e56651961a8d04940b2a045_JaffaCakes118.exe windows:4 windows x86 arch:x86
aa45f67b2623ad041eea24847fc43f6e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
UrlCombineW
UrlCanonicalizeW
UrlApplySchemeW
PathCombineW
UrlGetPartW
PathAppendW
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
kernel32
WriteFile
GetCPInfo
HeapFree
LCMapStringW
LoadLibraryA
VirtualAlloc
GetACP
GetStringTypeA
IsDebuggerPresent
EnumResourceTypesW
InterlockedExchange
SetUnhandledExceptionFilter
GetCurrentProcess
LZCopy
RtlUnwind
LCMapStringA
GetOEMCP
GetStringTypeW
GetLocaleInfoA
oleacc
GetOleaccVersionInfo
AccessibleObjectFromEvent
msimg32
TransparentBlt
Sections
.text Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ