1844180c5e8a98c0369feb871ddf3822_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1844180c5e8a98c0369feb871ddf3822_JaffaCakes118
Size

185KB
MD5

1844180c5e8a98c0369feb871ddf3822
SHA1

2aba0cfd5beda91990c271e2bef0b40879afcb33
SHA256

76b4fae35f73fc5ce478857830ba18735c05e29f5970f313ab37b84a32d6748e
SHA512

2edec5b8f78f3a27264ed825cc7ca9ab8564cf0c9ee06995645cf401ed92769aca2c6a2322d3b930b97e289338dc861c4737ec38116c07cc46f82d29ad2b2413
SSDEEP

3072:jST+KC9mGFS/q7LWk7eBbu7iL+SJEC5G9wnm6GRLeELtEP5AbJbuXu9l:j7fgf/bZu7i6St5FnXgWhqJaXuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1844180c5e8a98c0369feb871ddf3822_JaffaCakes118

Files

1844180c5e8a98c0369feb871ddf3822_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6bca9f0f8821521bceadb0a92b35089

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTapeStatus
GetModuleHandleA
ClearCommError
ExitProcess
EnumResourceNamesA
ExitProcess
GetCPInfo
LCMapStringW
LCMapStringA
GetProcAddress

user32

GetWindowInfo
MessageBoxW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ