d69fe1b13c018148f377b65178885ad6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d69fe1b13c018148f377b65178885ad6_JaffaCakes118
Size

163KB
MD5

d69fe1b13c018148f377b65178885ad6
SHA1

a70af1f126139639a6e761db218481466d7abe17
SHA256

d270592001e94c995597fc2f4ebfd8048594f21a732ae27b68b44325ed9f6eb1
SHA512

cd03478a6a887105dfff5e9d71e8a9af0b07dbda64480c7a9a18a1fd0493e79614841dc2e22f09f7b201237ae74452fb3238c43c3dd24c19d95517e2c3f5bfbc
SSDEEP

3072:a188t7Xz+eHcC4cERzR+THD2wfQoE63sWxbCD8JQgnMJgOsVnNkm9:a1jnHcCAlaHD2GQL63ooJQsMJ55m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d69fe1b13c018148f377b65178885ad6_JaffaCakes118

Files

d69fe1b13c018148f377b65178885ad6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fb98e17c8eafc09145877e6a7f8fd51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostThreadMessageW
GetDC
DispatchMessageW
SendMessageW
wsprintfW
KillTimer
CharNextW
SetTimer
CharUpperW
GetMessageW
TranslateMessage
UnregisterClassA

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

lstrcpyA
lstrcpyW
lstrcmpiW
GlobalAlloc
GlobalFree
CheckRemoteDebuggerPresent
GetACP
lstrlenW
GetTickCount
FindClose
EnumResourceTypesA
LockResource
DeleteCriticalSection
OutputDebugStringW
WideCharToMultiByte
lstrcpyW
GetLastError
InitializeCriticalSection
MultiByteToWideChar
GetCPInfo
GetModuleHandleW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ