bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118
Size

133KB
MD5

bfe26fe3dc82212b88aa07e54eb5e330
SHA1

6cc05f61919431e274a3d817719eea4c48b1c83d
SHA256

698258d5ae9f939f1af465a553f7c2d55d69c36116eec481fe7f4b63b890b565
SHA512

ef3887fbdd333e9f8a57e39e8e0502b8a8a3123fb815bd9cddf5834948c6731cca1683cf68f69e583c13defe34ac1bf7ae69122e992bedeb7f0e6dd6e7a2f33b
SSDEEP

3072:h1Z1wotKpIww3w1Ew7EDstGyq4MgZUadf:rwR5wAmw7OstiVM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118

Files

bfe26fe3dc82212b88aa07e54eb5e330_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79516ed0e217712bc6bbea229986e208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject

ole32

CoUninitialize
CoFileTimeNow
StgOpenStorage
CoCreateInstance
CoInitialize

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

kernel32

VirtualProtect
LoadResource
GetCurrentProcessId
OpenFile
SetEndOfFile
TlsAlloc
EnumResourceNamesW
GetVersionExA
GetCurrentThreadId
TlsFree
TlsGetValue
ExitProcess
GetUserDefaultLCID
TlsSetValue
LoadLibraryExA
GetModuleHandleW

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ