f7fe5b9df14c50155386cd2c61b876cb_JaffaCakes118 | Triage

Sharing

General

Target

f7fe5b9df14c50155386cd2c61b876cb_JaffaCakes118
Size

315KB
MD5

f7fe5b9df14c50155386cd2c61b876cb
SHA1

9b61cfcec6ec6c016585c7775c15df8aa24f946a
SHA256

dbdde1a9fce9374a6adb8267c02814b386d33d6407cc7e91d0c3621cd7fd21f9
SHA512

7210a7ad176219bfd2943345035256f4fdb83843793874aa309fc340b6dc61a84cda91d1c7111c18951e6774f28805473af6048a9c70634255dc1f881e640291
SSDEEP

6144:eIebA5CHz6v+RbzOOTpmTzTutpicDwiXcPmh+v93ORPr4vqADn6fG:eIcA5/8bzTpAmtpD3XcPmh+v9yuqVfG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7fe5b9df14c50155386cd2c61b876cb_JaffaCakes118

Files

f7fe5b9df14c50155386cd2c61b876cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

496961180f8c3a18d9949cc980240d97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
TlsGetValue
DebugBreak
OutputDebugStringA
WriteConsoleW
GetLocaleInfoA
HeapReAlloc
EnumSystemLanguageGroupsW
OutputDebugStringW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
CompareFileTime
LCMapStringA
IsValidCodePage
GetCPInfo

oleacc

DllGetClassObject
CreateStdAccessibleObject

ole32

CoUninitialize
StringFromGUID2
CoInitialize
CoCreateInstance
ReleaseStgMedium
CreateClassMoniker
CoGetObject
GetRunningObjectTable
CoTaskMemAlloc
FreePropVariantArray
CoTaskMemFree

winmm

sndPlaySoundA

shell32

SHChangeNotify
SHGetPathFromIDListW

oledlg

OleUIBusyW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ