Static task: static1
Behavioral task: behavioral1
Sample: f6bf395b1f55d3eccc3b732027df00df_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f6bf395b1f55d3eccc3b732027df00df_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: f6bf395b1f55d3eccc3b732027df00df_JaffaCakes118
Size: 162KB
MD5: f6bf395b1f55d3eccc3b732027df00df
SHA1: f8ec0394db9282513356c35d47b69d34cdee36e7
SHA256: c30c371b4e0da20983670e2452290af8426f220458be9cf9480c99fada6d4d63
SHA512: 0eee87379c5bfe26e00e1c1aa4094261746e4129775be56a990d40fc42114306e78ed0c9155bd11ec8c7a6529e2231b8a2c1d8c6d8658031aaee03488316308f
SSDEEP: 3072:LMODL73WjsA8tN+1SBUUFmb3dljc7ZvizLKuUpPb25ZCiMUslLAH0TjRd3yeCo:oYL7GjNH1SZUzzw1+KZpi5bMoUTjXGo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f6bf395b1f55d3eccc3b732027df00df_JaffaCakes118
Files
f6bf395b1f55d3eccc3b732027df00df_JaffaCakes118.exe windows:4 windows x86 arch:x86
1935b56955352ede458d9f3feb45fa5b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
MultiByteToWideChar
lstrcpyW
WideCharToMultiByte
lstrlenW
DeleteCriticalSection
CheckRemoteDebuggerPresent
LockResource
GlobalFree
lstrcmpiW
GetACP
EnumResourceTypesA
FindClose
GetCPInfo
GlobalAlloc
lstrcpyW
GetTickCount
GetLastError
InitializeCriticalSection
OutputDebugStringW
lstrcpyA
GetModuleHandleW
oleacc
LresultFromObject
CreateStdAccessibleObject
user32
CharNextW
SetTimer
PostThreadMessageW
KillTimer
DispatchMessageW
GetDC
CharUpperW
wsprintfW
GetMessageW
SendMessageW
TranslateMessage
UnregisterClassA
Sections
.text Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.isete Size: 1024B - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ