e2d7acd67f9ee3d5674971cf60acd7d7_JaffaCakes118 | Triage

Sharing

General

Target

e2d7acd67f9ee3d5674971cf60acd7d7_JaffaCakes118
Size

275KB
MD5

e2d7acd67f9ee3d5674971cf60acd7d7
SHA1

709e59da1e0de8d078173458de1c5b543701fbd8
SHA256

eb4bf8c7a95b40686ea4b7e70af3e6b4668b06f8ef112808a040caa82c2b2b63
SHA512

a7844bbea6dcb1d37bf422cdebb97d814b7e48ff85a445498c0bfedd15c5b54de55c6adde74f8b70507056633fd7187a2ed580222df16bdbbd3f1703437a4ef4
SSDEEP

6144:/DRYFav6UKLqmHP1cuuDmIsB0p3xzMw4H4GZ28pgGAz0FgnXN:ch2lmE3pxVkgGzC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2d7acd67f9ee3d5674971cf60acd7d7_JaffaCakes118

Files

e2d7acd67f9ee3d5674971cf60acd7d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3130809edc05c66af0ae20c7b4bd4a9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseInitAppcompatCacheSupport
IsDebuggerPresent
GetLastError
LoadLibraryA
GetSystemDirectoryW
lstrlenA
GetCurrentThread
MultiByteToWideChar
EnumResourceTypesW
FreeLibrary
GlobalFree
RaiseException
LoadLibraryExW
CreateMailslotA
FormatMessageA
GetTickCount
MulDiv
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter

gdi32

GetStockObject

oleacc

AccessibleChildren
CreateStdAccessibleProxyA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ