2d7f1e5e7a1fd414ef5899cdea6d1cd4_JaffaCakes118 | Triage

Sharing

General

Target

2d7f1e5e7a1fd414ef5899cdea6d1cd4_JaffaCakes118
Size

167KB
MD5

2d7f1e5e7a1fd414ef5899cdea6d1cd4
SHA1

999ab7e5ed674e3b7bd89a81d1fbf135c4ec8223
SHA256

bad965e6cee705e09e0d4ee1d09758fa16e8a8a0b94d4767648a04e11608a8fe
SHA512

95ea9d35af2b6136601f99ae943ef62081e3c3cfaa82de6f49dabd326894c8dcc663604ccae2c293d885d8f3a63b5fbde42c738bba3b335662e734c4c2ea2252
SSDEEP

3072:ljCoogYeZEcpONQ2Au9lbB0lrW5q7QiFDcE833a8YPxcUXXWExxJY63y:lj9/7ZlODVlbB0lBAha86NJjy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d7f1e5e7a1fd414ef5899cdea6d1cd4_JaffaCakes118

Files

2d7f1e5e7a1fd414ef5899cdea6d1cd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

361730521f63acc32c3a5c8249d3d804

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

lstrcpyW
lstrcpyA
OutputDebugStringW
LockResource
lstrlenW
GetTickCount
GetProcessAffinityMask
lstrcpyA
GetACP
EnumResourceNamesW
GlobalAlloc
WideCharToMultiByte
lstrcmpiW
InitializeCriticalSection
FreeEnvironmentStringsW
FindClose
MultiByteToWideChar
GetCPInfo
GlobalFree
GetLastError
GetModuleHandleW

user32

TranslateMessage
GetMessageW
wsprintfW
CharNextW
SetTimer
CharUpperW
GetDC
KillTimer
PostThreadMessageW
SendMessageA
DispatchMessageW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemFree
CoRevokeClassObject
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
StringFromGUID2
CoRegisterClassObject
CoInitialize
CoTaskMemAlloc
StringFromCLSID

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ