ed69746aa446d81ec40535f048806a4c_JaffaCakes118 | Triage

Sharing

General

Target

ed69746aa446d81ec40535f048806a4c_JaffaCakes118
Size

276KB
MD5

ed69746aa446d81ec40535f048806a4c
SHA1

083afb28943d6e75245a9a5a8d598fedb572d651
SHA256

99a0be7e62206f74468ce3b6a6c6e307133a8dc5f51da3d43d7b017d51db0d60
SHA512

8bfe12e54eb1ce2aa1d7b0dabb4890fb0d141bc43d5fef0f7f6575e5fc72a9703a828cad6fea8af9c428352f7c1352d78f11eb41d420126d13df75a239775599
SSDEEP

6144:mGj01tuAV3qkskU8ywoyz6Bk1j2wdPVfXNpkJWv/bEf2HYfuj8:tcvMkUs/uk0mP/k8vT6wY9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed69746aa446d81ec40535f048806a4c_JaffaCakes118

Files

ed69746aa446d81ec40535f048806a4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

151ea9fcedbe3d190fd4c2dd6f4b2fb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
ReadFile
HeapAlloc
lstrcpynA
LoadResource
FindResourceA
WideCharToMultiByte
GetModuleHandleA
lstrlenW
EnumResourceTypesA
FreeLibrary
lstrcmpiA
FindFirstFileExW
CreateFileA
IsDBCSLeadByte
InterlockedDecrement
LoadLibraryExA
SizeofResource
lstrcpyA
InterlockedIncrement

gdi32

GetStockObject

oleacc

GetOleaccVersionInfo
CreateStdAccessibleObject

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ