03c540fa836d7933ce9d2f510175464b_JaffaCakes118 | Triage

Sharing

General

Target

03c540fa836d7933ce9d2f510175464b_JaffaCakes118
Size

176KB
MD5

03c540fa836d7933ce9d2f510175464b
SHA1

fc8f3ed7018b180ca7005a66b0661bd67a32a9b5
SHA256

b3a87e3f1ef44ee6cecab4080850c3d2d3733ae9d0b1420a5ef79ebf3ddba7b4
SHA512

0985d9aa73e59f9240e0d6fa34e2edce85801e4002750f511f90661147ebb3bb44d798189b51ef1d88704c64e20f4c8501f035231bd5126e7fcf710fdeed0e3a
SSDEEP

3072:rb5oGkBwLJ6GwRiWqBr5/ZCzwzb0Kf/0wYobaxF2HYLOnTQcDX/ZPq7b:lT6+WWCzwv0KuoGxF2HYSTPJK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03c540fa836d7933ce9d2f510175464b_JaffaCakes118

Files

03c540fa836d7933ce9d2f510175464b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa60c99945bab14d643815115ad7fded

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
StringFromCLSID

kernel32

lstrcpyA
lstrlenW
GetACP
GetLastError
GetTickCount
GetProcessAffinityMask
LockResource
InitializeCriticalSection
GlobalAlloc
GetCPInfo
EnumResourceNamesW
lstrcmpiW
GlobalFree
FindClose
MultiByteToWideChar
OutputDebugStringW
FreeEnvironmentStringsW
lstrcpyW
lstrcpyA
WideCharToMultiByte
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

KillTimer
GetDC
SetTimer
CharUpperW
TranslateMessage
PostThreadMessageW
DispatchMessageW
CharNextW
SendMessageA
GetMessageW
wsprintfW
UnregisterClassA

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ