8e13bca12aa71ed520b2e79a6674fb35_JaffaCakes118 | Triage

Sharing

General

Target

8e13bca12aa71ed520b2e79a6674fb35_JaffaCakes118
Size

273KB
MD5

8e13bca12aa71ed520b2e79a6674fb35
SHA1

3ebbb13dd95aba49fc9509edf6f11f846efff969
SHA256

eb473a366c9856e2d3b1c5842d950aadbe467a5b2197562559fbac917eb2e4c5
SHA512

2247dd3fac1395d16166c1fcadb1419873af698b85b68d0cd45f79ecfda69b4892df78b966e61859326f7441766c58e3e3fb6a4a499dd133213c1833765c171a
SSDEEP

6144:jXG7BIGz2K7ni7g4LMnb9wf16631v9aE7R/eP/pEcpuw0rGSek9ke:j2dIGz2f7gnZwkk1vAEtWP3pv0r5Rue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e13bca12aa71ed520b2e79a6674fb35_JaffaCakes118

Files

8e13bca12aa71ed520b2e79a6674fb35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a461b86309b671c1a3c3fdb8904f983e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
HeapAlloc
lstrcpyA
LoadResource
GetModuleHandleA
CreateFileA
LoadLibraryExA
IsDBCSLeadByte
EnumResourceTypesA
MultiByteToWideChar
InterlockedDecrement
lstrcpynA
FindFirstFileExW
FreeLibrary
SizeofResource
WideCharToMultiByte
FindResourceA
ReadFile
lstrcmpiA
InterlockedIncrement

msimg32

TransparentBlt

oleacc

GetOleaccVersionInfo
CreateStdAccessibleObject

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ