dbb98736f6375a5a1ee1e807d6b6191e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbb98736f6375a5a1ee1e807d6b6191e_JaffaCakes118
Size

167KB
MD5

dbb98736f6375a5a1ee1e807d6b6191e
SHA1

968fb9d8a66d0390159665121564c61f7563bc9f
SHA256

a045a25e28a4df29ec6a2d60f31f9734ef8a6f7a9b865cac046592a7eaf4089b
SHA512

d513d5bec342305d51220cdcf280496037b236213ba5bd47656472c47c838efa0dd13501912b60964b387bcab17a7088bcc1a3c4dbf43513edae9a74459fe3b6
SSDEEP

3072:uwL7/AFlJvAY9gEfKPsIv44JLiu5eCFUWoLuxIn/43HVxcDnDRsn6M+:lLzeJvAgPyPsIvDlxeyoa60HVxcDDRP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbb98736f6375a5a1ee1e807d6b6191e_JaffaCakes118

Files

dbb98736f6375a5a1ee1e807d6b6191e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d9e0aaad37a1a38c2c606dd58c2737f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

WideCharToMultiByte
lstrcpyW
GetACP
FindClose
CheckRemoteDebuggerPresent
MultiByteToWideChar
lstrcmpiW
GlobalFree
LockResource
EnumResourceTypesA
GetTickCount
GlobalAlloc
lstrcpyW
GetLastError
InitializeCriticalSection
lstrlenW
GetCPInfo
DeleteCriticalSection
OutputDebugStringW
lstrcpyA
GetModuleHandleW

user32

TranslateMessage
GetMessageW
wsprintfW
SetTimer
PostThreadMessageW
SendMessageW
KillTimer
GetDC
CharUpperW
DispatchMessageW
CharNextW
UnregisterClassA

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ