179353ed431ddd6587b23a932785a605_JaffaCakes118 | Triage

Sharing

General

Target

179353ed431ddd6587b23a932785a605_JaffaCakes118
Size

174KB
MD5

179353ed431ddd6587b23a932785a605
SHA1

b12b03ea519e8ebfcef297ed2986d1a51eb12f52
SHA256

468a241a93c8e0195dfa1792161b91d7e7675f769375d6b9a8545002b62157f7
SHA512

64bc9e815178c18369df796ec07114c6ba5d572d2959972550d72b4f6ee17fe21d5d609e30082670a8b6c990d1f1baa90f8dad5e7aa2a035bc42611e1bb51a3f
SSDEEP

3072:y6xq13fPTyxljaRsG8sj5m+asGhfKCRIgBmvuJ0UX8NUubyDi:I3XFRsGfdVasYfKCmImQ1sNU3i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179353ed431ddd6587b23a932785a605_JaffaCakes118

Files

179353ed431ddd6587b23a932785a605_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f671dd006d6256e4d5115b83ef7ffd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize

kernel32

LoadLibraryA

Exports

Exports

��pticalDword@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalMode@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalReverse@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalSound@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?OpticalSystem@888GPAUHINSTANCE__@@U_COMMPROP@@`D

Sections

.data
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ