918b29a560e7609cd39d2142f72bf4ed_JaffaCakes118 | Triage

Sharing

General

Target

918b29a560e7609cd39d2142f72bf4ed_JaffaCakes118
Size

197KB
MD5

918b29a560e7609cd39d2142f72bf4ed
SHA1

6e3dda463392fb0ab497ebd0945bc550b456c282
SHA256

b46fdb1531449902376d8bc1b38089d05a440aa7ea09ea2e45d5a17c2aff5e8f
SHA512

2dc2974183bc36cfc9311ea5dc195d3e5fa46d7f66660044f8f7b7b6228c9f36284120b16c4dfce3ecd156cebe7cdc97f83e5098615b5c89fdabbff1185d8534
SSDEEP

3072:pewiMia34BPppLj5nB4BoKWvSpk4SyEo0ltWofVpapaXZwYK9eo3EQm/2:Ya38jBB43HSyVE4ozapGyYKso0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
918b29a560e7609cd39d2142f72bf4ed_JaffaCakes118

Files

918b29a560e7609cd39d2142f72bf4ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ae38d6d1a3712e7a2e1601d116399de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoRevokeClassObject
CoTaskMemAlloc
CoRegisterClassObject
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
StringFromCLSID

kernel32

GlobalAlloc
lstrcpyA
InitializeCriticalSection
GetCPInfo
FindClose
GetProcessAffinityMask
lstrcpyA
LockResource
GlobalFree
EnumResourceNamesW
GetLastError
WideCharToMultiByte
lstrcmpiW
OutputDebugStringW
lstrlenW
GetACP
MultiByteToWideChar
FreeEnvironmentStringsW
GetTickCount
lstrcpyW
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SendMessageA
DispatchMessageW
CharNextW
GetMessageW
CharUpperW
TranslateMessage
KillTimer
SetTimer
wsprintfW
GetDC
PostThreadMessageW
UnregisterClassA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ