Static task
static1
Behavioral task
behavioral1
Sample
d15b983dfd9ada8289b6c3bf5c97e042_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target
d15b983dfd9ada8289b6c3bf5c97e042_JaffaCakes118
Size
181KB
MD5
d15b983dfd9ada8289b6c3bf5c97e042
SHA1
c141778dd28d3e9c00b6979335e4f09fc0a463a1
SHA256
fcf32e97c82a542d0acec0098460579e2937732b4e3bd91bfb704048f3147f59
SHA512
10ee4d83bdb070d94469b055006b82fe91fe5e05db05f8d80da7a726a66bb59826546a0bf45084e6d5d4cf250d9ae0e73a6cb3c3260bfcf0e202cbdb2fe9b1d1
SSDEEP
3072:FWxPQkJCdoXIxlz/DbBXjpt2gautL0ovY5suBHHLN18QzTqKvk07MMzTEHepvnqN:sx4kJCoK5r1XjHZuTBnLNlTq7y3/LyMW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d15b983dfd9ada8289b6c3bf5c97e042_JaffaCakes118
Files
d15b983dfd9ada8289b6c3bf5c97e042_JaffaCakes118.exe windows:4 windows x86 arch:x86
d03b81367fbc89ea3719aebe362a4b0c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
BaseInitAppcompatCacheSupport
GetSystemDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetSystemInfo
lstrlenW
IsBadReadPtr
EnumResourceTypesA
GetProcAddress
GetModuleHandleA
lstrcpyA
FindFirstFileA
GetModuleFileNameA
lstrlenA
CreateProcessA
Sleep
GetDiskFreeSpaceA
MoveFileExA
oleacc
AccessibleChildren
CreateStdAccessibleProxyA
gdi32
GetStockObject
Sections
.text Size: 94KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ