Static task: static1
Behavioral task: behavioral1
Sample: 41063fdb950c48fbbfab7e92e024aea6_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 41063fdb950c48fbbfab7e92e024aea6_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 41063fdb950c48fbbfab7e92e024aea6_JaffaCakes118
Size: 137KB
MD5: 41063fdb950c48fbbfab7e92e024aea6
SHA1: bc2f26d47df2798c7bc9138e80091f6687fd3eb9
SHA256: 09bfa6374ae5305a27379a647f39f9d739345e01acd26a9a458d8cef7b4a3986
SHA512: ca866ea61276a02076f8c8c56a13c6471aa9ad9a23e0ab4c62f3ff729b32c6341bd1ce437f3da4a08ea1f66ecc8e9c6813822848d77de134cbafe403b7f9a765
SSDEEP: 3072:eW5SrMGKQPzxZW6RQnrZXiPdopixNYS0e0bSqwbcgA53VT0GsVgG:FMKQdZWSStuIe0b2WFTQg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41063fdb950c48fbbfab7e92e024aea6_JaffaCakes118
Files
41063fdb950c48fbbfab7e92e024aea6_JaffaCakes118.exe windows:4 windows x86 arch:x86
be56eeae2f2c711eacb407da081e47c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
StgOpenStorage
CoFileTimeNow
CoUninitialize
CoCreateInstance
CoInitialize
kernel32
DisableThreadLibraryCalls
DeleteFileA
GetFileAttributesA
SetPriorityClass
GlobalDeleteAtom
lstrcpyA
GetTempPathA
EnumResourceNamesW
GetCurrentThread
ExitProcess
ResumeThread
VirtualQueryEx
OutputDebugStringA
shell32
SHGetSpecialFolderPathW
ShellExecuteExW
oleacc
LresultFromObject
Sections
.text Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 744B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 336KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ