11148280dbf1e0deb104dfc25f2cd860_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11148280dbf1e0deb104dfc25f2cd860_JaffaCakes118
Size

156KB
MD5

11148280dbf1e0deb104dfc25f2cd860
SHA1

0dee5f64029e2d681f043e1238d4b73bdf93e9e2
SHA256

bba52f1d4d5badeb848605765cabbe4264fcb1480f37db643ba8f2f4154e2fb9
SHA512

eb553130681a7247fb5ff0c788b6c36770b684644ac434875d7a4e8d422d396665ac7d3d2822b49555bbae16005cc98b6cdc5f580929d569a4d7ecdc96468a20
SSDEEP

3072:dTsIHsnWeaW+sTH4BVYic36UqTT8O4IJBF3qc5h6RFbbNGd:FsIMWYHCYgUW8O4Ilqc58fbbE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11148280dbf1e0deb104dfc25f2cd860_JaffaCakes118

Files

11148280dbf1e0deb104dfc25f2cd860_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6160f7d4cace75b74cbd193eaaebf1ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCPInfo
lstrcpyW
OutputDebugStringW
LockResource
CheckRemoteDebuggerPresent
GetLastError
lstrcpyW
MultiByteToWideChar
EnumResourceTypesA
GlobalAlloc
WideCharToMultiByte
GetACP
FindClose
GetTickCount
lstrlenW
InitializeCriticalSection
GlobalFree
lstrcmpiW
DeleteCriticalSection
lstrcpyA
GetModuleHandleW

user32

SetTimer
CharUpperW
PostThreadMessageW
wsprintfW
CharNextW
TranslateMessage
DispatchMessageW
KillTimer
GetDC
GetMessageW
SendMessageW
UnregisterClassA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ