412e4cafc45b94b243682920354f36a7_JaffaCakes118 | Triage

Sharing

General

Target

412e4cafc45b94b243682920354f36a7_JaffaCakes118
Size

176KB
MD5

412e4cafc45b94b243682920354f36a7
SHA1

64bc3ea73d36c65de5c683b9c77976018b4b32de
SHA256

68a4c71736a9ec5b753974f02c8bfeed52cda29ce1455c20e733be02fdc57628
SHA512

082cfd5984bc34605ba232df3b957ea140b7f1a52890a46fb3ad59ea17fb3baa22926be3957e46b115b3dce388b54cf52b12f1f101c3bec0f1c9f0b7258e9a9e
SSDEEP

3072:o+wjsWfwCrKu1ORnsd76NVBZwSErv/Wv8LgwIjb9fVpb:H8fOMORK6NVBZCjWvddXb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
412e4cafc45b94b243682920354f36a7_JaffaCakes118

Files

412e4cafc45b94b243682920354f36a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d3124997d922b6ba1d213e1bd50d853

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetDocumentBitStg
CoUninitialize
CoGetCallContext
ComPs_IUnknown_Release_Proxy
CreateGenericComposite
ComPs_CStdStubBuffer_DebugServerQueryInterface
CoGetState
CoReactivateObject
StgConvertPropertyToVariant
OleFlushClipboard
ComPs_CStdStubBuffer_DebugServerRelease
CoTreatAsClass
WriteClassStm
HMETAFILE_UserMarshal

shell32

DragQueryFile
SheGetCurDrive
SHTestTokenMembership
SheChangeDirExW
DllGetVersion
ILIsParent
PifMgr_GetProperties
SHFlushSFCache
ExtractAssociatedIconA
SHChangeNotification_Lock
DAD_DragMove

oleaut32

VarDateFromUI4
VarUI4FromBool
BSTR_UserFree
VarRound
VarI1FromDec
VarI1FromR4
SetVarConversionLocaleSetting
GetAltMonthNames
VarDecFromI8
VarBstrFromUI4
VarDateFromR4
VarUI2FromUI1
VarUI1FromI8
ClearCustData
SafeArrayLock
VarR4FromBool

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE