3e7f31f124cbb5d632da194af2347b70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e7f31f124cbb5d632da194af2347b70_JaffaCakes118
Size

197KB
MD5

3e7f31f124cbb5d632da194af2347b70
SHA1

3e1a48a8bc1d2db324fea11b947b23621e93aa56
SHA256

a7614bf85d8df8cca9210ca4c2cfb82d74e7a829cd48420b24ba1d3fc7c0f497
SHA512

ea9a6c1bec175a2c6550b5046dcda8e7ed2210dd0a70cd5c1cec44ae05a0d84b93e24d075fddb5c5a622b645232cb863b273a2d7b5624350697219daccfda932
SSDEEP

3072:pewiMia34BPppLj5nB4BoKWvSpk4SyEo0ltWofVpapaXZwYK9eo3EQm/2:Ya38jBB43HSyVE4ozapGyYKso0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7f31f124cbb5d632da194af2347b70_JaffaCakes118

Files

3e7f31f124cbb5d632da194af2347b70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ae38d6d1a3712e7a2e1601d116399de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoRevokeClassObject
CoTaskMemAlloc
CoRegisterClassObject
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
StringFromCLSID

kernel32

GlobalAlloc
lstrcpyA
InitializeCriticalSection
GetCPInfo
FindClose
GetProcessAffinityMask
lstrcpyA
LockResource
GlobalFree
EnumResourceNamesW
GetLastError
WideCharToMultiByte
lstrcmpiW
OutputDebugStringW
lstrlenW
GetACP
MultiByteToWideChar
FreeEnvironmentStringsW
GetTickCount
lstrcpyW
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SendMessageA
DispatchMessageW
CharNextW
GetMessageW
CharUpperW
TranslateMessage
KillTimer
SetTimer
wsprintfW
GetDC
PostThreadMessageW
UnregisterClassA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ