ec9062adfc65552a82d719f4932c361d_JaffaCakes118 | Triage

Sharing

General

Target

ec9062adfc65552a82d719f4932c361d_JaffaCakes118
Size

154KB
MD5

ec9062adfc65552a82d719f4932c361d
SHA1

96c5ef9f64b07539671c960cfcf3012e27e6f33a
SHA256

5b1215f9c6427d230ac02aca1e84c7f81820bf08d2dd02376d1d84e40e0037cf
SHA512

e46ab4450c92a1546185de5f67e9ffe9131aa43eeb423712ddebd28c9e82857fee9491c108bb5e4ffd00311fde3828c73c33ce5e73dd39de26192ba655172fbb
SSDEEP

3072:dXo/UUiDDlZe/dYmxzdhoCBWZ7ehyVvB27CVKuZEIrv5:dXNUAlZeeAnoCye8527qKkrx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec9062adfc65552a82d719f4932c361d_JaffaCakes118

Files

ec9062adfc65552a82d719f4932c361d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d07f2dd6e20bf3233f937c54033a253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OutputDebugStringW
FindClose
lstrcpyW
lstrlenW
GlobalFree
CheckRemoteDebuggerPresent
lstrcpyA
GetLastError
lstrcpyW
GlobalAlloc
EnumResourceTypesA
GetTickCount
LockResource
WideCharToMultiByte
GetCPInfo
MultiByteToWideChar
lstrcmpiW
InitializeCriticalSection
DeleteCriticalSection
GetACP
GetModuleHandleW

user32

KillTimer
CharUpperW
SendMessageW
DispatchMessageW
wsprintfW
GetDC
PostThreadMessageW
CharNextW
GetMessageW
TranslateMessage
SetTimer
UnregisterClassA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ