JaffaCakes118_622592b5f7166013ac8a63f08c1a3d80 | Triage

Sharing

General

Target

JaffaCakes118_622592b5f7166013ac8a63f08c1a3d80
Size

180KB
MD5

622592b5f7166013ac8a63f08c1a3d80
SHA1

41b14f90de662652c373a2516346d487e61a37c9
SHA256

c662ecf0275787570795de5e741538c660a0af5bb5d13879efeb653f515d6506
SHA512

42ef02e77183b448992f34fa7f1bed604166bb659cc85c54ba41b92db34fab45ef2e69197b86ed6ec478e65b65364cf9ef03f341424aebb4ae4d7d8cb83814df
SSDEEP

3072:oAuBp9xL+nU5XgZLFrDaRC9vLwg0+ONtjUGPpnsSeRHdBiw2FAUwJA834dJmY/k2:o79xLjRC6R2vEg05jLRvuDGANAddJm8V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_622592b5f7166013ac8a63f08c1a3d80

Files

JaffaCakes118_622592b5f7166013ac8a63f08c1a3d80
.exe windows:4 windows x86 arch:x86

fc13d9949120f199380f47d6c9a1a3f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
HeapAlloc
GetModuleHandleA
FindResourceA
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
FreeLibrary
SizeofResource
EnumResourceTypesA
InterlockedDecrement
FindFirstFileExW
lstrcpyA
lstrcmpiA
CreateFileA
IsDBCSLeadByte
LoadLibraryExA
lstrcpynA
LoadResource
InterlockedIncrement

gdi32

GetStockObject

oleacc

GetOleaccVersionInfo
CreateStdAccessibleObject

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ