f5133b2fb0c4115743b3b6fed50ea453_JaffaCakes118 | Triage

Sharing

General

Target

f5133b2fb0c4115743b3b6fed50ea453_JaffaCakes118
Size

162KB
MD5

f5133b2fb0c4115743b3b6fed50ea453
SHA1

4ad98c7e348cdf89859fc5037d1a08ed969e651e
SHA256

47e8f2485bda23ae2fa374483d25e5290de3e723d6235028c119acb511d7ea72
SHA512

0f95ca06cf1f70721f313cf5d4c2970b2c507166885fcdf90737f5996b2355bcc2d3e4fc130d12eef459ab987f041a9cc4e00daf845a5b04fc2f69c1bbb1de3d
SSDEEP

3072:mBY2XOIO4oAs1q2qxynxne+BdO2uPTpyOXbITcuHuOlHgKBF4EmXJIIE2n:mB/OU41USxnb1uLpy6bIcuFneIIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5133b2fb0c4115743b3b6fed50ea453_JaffaCakes118

Files

f5133b2fb0c4115743b3b6fed50ea453_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22cc61db1e541bc355d4252439f20d01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
StringFromGUID2
CoInitialize
CoTaskMemFree
StringFromCLSID

shlwapi

PathCombineW
PathFileExistsW

kernel32

lstrcpyA
lstrcpyW
GetCPInfo
lstrlenW
lstrcmpiW
lstrcpyW
CheckRemoteDebuggerPresent
GetLastError
EnumResourceTypesA
GlobalFree
FindClose
MultiByteToWideChar
OutputDebugStringW
LockResource
GlobalAlloc
GetACP
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
GetTickCount
GetModuleHandleW

user32

CharNextW
wsprintfW
SendMessageW
PostThreadMessageW
CharUpperW
GetMessageW
KillTimer
SetTimer
GetDC
TranslateMessage
DispatchMessageW
UnregisterClassA

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ