b562b65850eb52f9eb16d236c826a9a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b562b65850eb52f9eb16d236c826a9a7_JaffaCakes118
Size

164KB
MD5

b562b65850eb52f9eb16d236c826a9a7
SHA1

2cd7c5bafab4914e9ef7518ffb477300655c3e8a
SHA256

5b45b92d9de19e3b6d3c8fbde2f32822ab2cb31de028499dea279504c10fafc1
SHA512

387ae21351171ef6596b18fd7014f6316216d12945bebb88265984e322b19664355af3cfb1e422a40c6eb5b21c96267cd7a8a0a918cb720cb626b9f98c4c326a
SSDEEP

3072:yhIC511kbPYhp6odk2ujQS1YQ93JYz1PpFEWzhx7P/5khferdbX4rM/BNMdV:yG7AhIodkxjQS1V1yz9pFdzf75khGcf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b562b65850eb52f9eb16d236c826a9a7_JaffaCakes118

Files

b562b65850eb52f9eb16d236c826a9a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b37c80c4a6cf8c41775d82866c1e7e26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathCombineW
PathFileExistsW

ole32

CoCreateInstance
CoTaskMemAlloc
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoRevokeClassObject
StringFromGUID2
StringFromCLSID

user32

CharUpperW
SendMessageA
DispatchMessageW
KillTimer
GetDC
CharNextW
PostThreadMessageW
GetMessageW
wsprintfW
SetTimer
TranslateMessage
UnregisterClassA

kernel32

FindClose
lstrcpyA
lstrcmpiW
GetLastError
GlobalFree
InitializeCriticalSection
GetProcessAffinityMask
GetTickCount
lstrcpyA
EnumResourceNamesW
LockResource
OutputDebugStringW
GetCPInfo
GlobalAlloc
lstrlenW
MultiByteToWideChar
FreeEnvironmentStringsW
WideCharToMultiByte
lstrcpyW
GetACP
GetModuleHandleW

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ