2e4704dde4f15846a81951de98c54594_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e4704dde4f15846a81951de98c54594_JaffaCakes118
Size

167KB
MD5

2e4704dde4f15846a81951de98c54594
SHA1

25cd75229907ba5fc581949142c176b312c8bcbe
SHA256

b6c3b2b7045fff35a0c9c12362a3ee39f49feb74558896b2a67164f14d217df8
SHA512

d4c72d8dacd2c3bcb6aedac842b3f01bbcc380bca8d17e87f9e0a0e62bcb114e721f970a5175898d690c6643722732f334ba367c213776889e8bdfde1a9b860c
SSDEEP

3072:R6qyiqLQQQ6POMY/DVWyOg3+4DDUgPixxRmoV8ZVmJpyDJCz74eXOlCTl:R6qyiq0GY/ZWNg3+4DAGg8ZzlCf4eXj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e4704dde4f15846a81951de98c54594_JaffaCakes118

Files

2e4704dde4f15846a81951de98c54594_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7304b0416b5a1a51ae337d33b4d882e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemFree
StringFromGUID2
CoInitialize
CoRegisterClassObject
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoRevokeClassObject
CoTaskMemAlloc
StringFromCLSID

kernel32

GetTickCount
lstrcpyA
GetACP
InitializeCriticalSection
GetLastError
GetProcessAffinityMask
FindClose
OutputDebugStringW
lstrlenW
EnumResourceNamesW
lstrcpyA
WideCharToMultiByte
GlobalAlloc
GlobalFree
lstrcmpiW
GetCPInfo
MultiByteToWideChar
FreeEnvironmentStringsW
LockResource
lstrcpyW
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

wsprintfW
KillTimer
GetDC
SendMessageA
CharUpperW
SetTimer
PostThreadMessageW
TranslateMessage
DispatchMessageW
CharNextW
GetMessageW
UnregisterClassA

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ