cba945ba02513bf7718cf1eb4928c9bb_JaffaCakes118 | Triage

Sharing

General

Target

cba945ba02513bf7718cf1eb4928c9bb_JaffaCakes118
Size

176KB
MD5

cba945ba02513bf7718cf1eb4928c9bb
SHA1

9d0e337b273a6d86ab1d225e2f8114764dba2702
SHA256

b55b4feeb47027355a90408d646e59a0e2a713e6844a4eedafdb3306dae5ef3d
SHA512

d406dca702d3f29c9fe360a8a6f1a3b6678a3df821b85496f030b0dde6f801f96374649d694680f6569d1b428b84d856f7ff4dcb3350ea1296bc0aa5ad965f60
SSDEEP

3072:SsqaCGaja8sDzVAN03dEoK5GFCpmyXpL23nmGAMftzShQKoQ9VA+p6WT0oTBgHtg:JAvjaFDSFod6oftWhQKomIm0150

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cba945ba02513bf7718cf1eb4928c9bb_JaffaCakes118

Files

cba945ba02513bf7718cf1eb4928c9bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb660d9fdffc548ab508fcc99efff8f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WideCharToMultiByte
GlobalAlloc
lstrcpyA
lstrcpyW
lstrcpyA
CheckRemoteDebuggerPresent
DeleteCriticalSection
lstrlenW
EnumResourceNamesA
FindClose
GetLastError
MultiByteToWideChar
OutputDebugStringW
GetCPInfo
InitializeCriticalSection
lstrcmpiW
GetACP
GetTickCount
LockResource
GlobalFree
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathCombineW
PathFileExistsW

user32

KillTimer
GetDC
DispatchMessageW
SendMessageW
TranslateMessage
CharUpperW
GetMessageW
CharNextW
wsprintfW
SetTimer
PostThreadMessageW
UnregisterClassA

ole32

CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
StringFromCLSID

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ