c9eac63f583edaca596e4102c3900771_JaffaCakes118 | Triage

Sharing

General

Target

c9eac63f583edaca596e4102c3900771_JaffaCakes118
Size

156KB
MD5

c9eac63f583edaca596e4102c3900771
SHA1

2c35aa8aeb1a5d898f05d5f1af8fe732bf4bdd24
SHA256

b841c253a2fc6b627b2a278cd6d1fea9cf88fde99d28ef11a2644d0ed22f6480
SHA512

0186f89a4a059416705c60b3d4dbd3337b8bc8bff8804e49dd66aa8d5de296a3a71c91c324c3b2374117d639a57f613408d0af54d441fc124683f59c78a83ac5
SSDEEP

3072:UfWtcjNULF5L1PBzQCZys7BDipPSfazCwrbjGuWQGOxv:QtjqLF5L1fZys7BDwPCcGu0Ot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9eac63f583edaca596e4102c3900771_JaffaCakes118

Files

c9eac63f583edaca596e4102c3900771_JaffaCakes118
.exe windows:4 windows x86 arch:x86

118532e8fdf962ac535d8a7ef39497a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CharUpperW
GetDC
DispatchMessageW
TranslateMessage
SendMessageA
SetTimer
PostThreadMessageW
wsprintfW
CharNextW
GetMessageW
KillTimer
UnregisterClassA

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoRevokeClassObject
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoRegisterClassObject
StringFromCLSID

kernel32

GlobalAlloc
lstrcpyA
OutputDebugStringW
InitializeCriticalSection
GetTickCount
GetLastError
GetProcessAffinityMask
LockResource
lstrcmpiW
lstrcpyW
EnumResourceNamesW
MultiByteToWideChar
GlobalFree
GetCPInfo
lstrcpyA
GetACP
lstrlenW
FreeEnvironmentStringsW
WideCharToMultiByte
FindClose
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ