07d611e961b420493850ab5701d471c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07d611e961b420493850ab5701d471c8_JaffaCakes118
Size

178KB
MD5

07d611e961b420493850ab5701d471c8
SHA1

ed3c528ddb841d36926f8b25d24f29686b304a87
SHA256

ab52bef5f08c3ee0c62b51dd574eca734e851ccd8b69bb7d138efb2fa7d51982
SHA512

e41a63b7ed53fe3530cf61dfb989edd3b7175cb43607e981f2dc0a65e0440ec853a6faba9c47db1bd37a1c1d475c26e4eaed84bd7a1a573f04c5ea2b1331eb3d
SSDEEP

3072:trmh2DkOci708qtdmf4JLzR6S7vbm8dQHpu7pGIB07HHHeN5DOsgGKxv5:EhHimfn0S/xKHpqna7n+3DRKxv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d611e961b420493850ab5701d471c8_JaffaCakes118

Files

07d611e961b420493850ab5701d471c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07772bc5d1d9ba86a0c3221b208d5009

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynW
TlsAlloc
CheckRemoteDebuggerPresent
HeapCreate
EnumResourceTypesW
InitializeCriticalSection
TlsGetValue
TlsFree
GetStartupInfoA
GetFileType

oleacc

LresultFromObject

user32

GetDC
LoadCursorW
RegisterClassExW
GetWindowInfo
GetParent
MessageBoxW
CreateWindowExW
EndDialog

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ