Static task
static1
Behavioral task
behavioral1
Sample
d031771380cd7c9f59ce108ee5d1faa3_JaffaCakes118.exe
Resource
win7-20240729-en
General
Target: d031771380cd7c9f59ce108ee5d1faa3_JaffaCakes118
Size: 179KB
MD5: d031771380cd7c9f59ce108ee5d1faa3
SHA1: ba54a718d4b12aeadbca541c44877aaeae6b6458
SHA256: b0ae7a02ba791e8afebdaf07dcfcfb8aaa790bd3d3913914f040a2c34f3348a4
SHA512: c485216fdba3e61cc7c13c3daa4e4ff65a0a1dd79f5d81f14bc713e734fc5f2e9e3ee73fccc9b0169bb307b54ca3f83b5aa7d5b1ba3e2dbf41d2e9bef750fc3a
SSDEEP: 3072:FWRL3Burv0t8oRbpvx78mReb0pV5gTd6lYcvD55KAaMU7s/pdYjU2iNsZv2GROL:FIL4rvQbpvpCFDQ5vaMT/pd/9y4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d031771380cd7c9f59ce108ee5d1faa3_JaffaCakes118
Files
d031771380cd7c9f59ce108ee5d1faa3_JaffaCakes118.exe windows:4 windows x86 arch:x86
e0a1359bd29b107745b755e930665414
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetACP
  LoadLibraryA
  HeapAlloc
  LCMapStringA
  WriteFile
  GetCurrentProcess
  GetStringTypeW
  VirtualAlloc
  GetCPInfo
  EnumResourceTypesA
  GetOEMCP
  SetUnhandledExceptionFilter
  FindFirstFileExW
  LCMapStringW
  GetStringTypeA
  IsDebuggerPresent
  InterlockedExchange
  RtlUnwind
  GetLocaleInfoA
oleacc
  GetOleaccVersionInfo
  AccessibleObjectFromEvent
msimg32
  TransparentBlt
Sections
.text Size: 81KB - Virtual size: 80KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 144KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 96KB - Virtual size: 95KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ