Static task
static1
Behavioral task
behavioral1
Sample
ea4bc0ba87e0913ec6ba2beb9c3e82ed_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ea4bc0ba87e0913ec6ba2beb9c3e82ed_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ea4bc0ba87e0913ec6ba2beb9c3e82ed_JaffaCakes118
Size
146KB
MD5
ea4bc0ba87e0913ec6ba2beb9c3e82ed
SHA1
dd8c60fd1714524a09c5302e7ae27e7e3fb2f322
SHA256
8fe3342e71c1bcda02c0897c90bd9f251d87fe7d4a79558806f9954f83756eb5
SHA512
31565e9c542e70474dd57e399a63b6a8afd2c4019c594f5e756c0c8194925ccddc43b565673f7bd5dfc780cded9fa79c4f20297923642d280f7055184fcee623
SSDEEP
3072:8B6Q9UD7nItc8pRPzzClp7ullH/DjbUeoIO8/85doACvVlkjZHJ:8B6Qei/pRrelpqllH/nIpIf/8MACdlkz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea4bc0ba87e0913ec6ba2beb9c3e82ed_JaffaCakes118
Files
ea4bc0ba87e0913ec6ba2beb9c3e82ed_JaffaCakes118.exe windows:4 windows x86 arch:x86
6b0bb37d60c6cc5b6c8cb04bbf2ecbbf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
shell32
SHGetSpecialFolderPathW
ShellExecuteExW
ole32
CoCreateInstance
CoUninitialize
CoFileTimeNow
StgOpenStorage
CoInitialize
kernel32
DisableThreadLibraryCalls
GetCurrentThread
GetTempPathA
GlobalDeleteAtom
DeleteFileA
SetPriorityClass
VirtualQueryEx
EnumResourceNamesW
ExitProcess
GetFileAttributesA
lstrcpyA
ResumeThread
OutputDebugStringA
Sections
.text Size: 120KB - Virtual size: 119KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 744B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ