JaffaCakes118_6a87b4fd150249c538cd52c7c3614820 | Triage

Sharing

General

Target

JaffaCakes118_6a87b4fd150249c538cd52c7c3614820
Size

109KB
MD5

6a87b4fd150249c538cd52c7c3614820
SHA1

789341c6b81cdd9fd2750af70bb0ef40cf193dad
SHA256

2c6d100fa90ff7ff9a0b736ac220b41484be784713ef1ceea0671b9e6dfe4001
SHA512

34ec0c6e6764705aa2f902d563ec8f08dde9c5581524470e560fcee025f30bf18c09f16c3b6a67a2f28a8859e5a52495a4668fd4c1b4b342a51b1e999191920e
SSDEEP

3072:0zDGNKzsXjonnXhstrG/YNFxl2VvbkISMiIbeops:eGNLoxstriex8VvbkBMCoS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6a87b4fd150249c538cd52c7c3614820

Files

JaffaCakes118_6a87b4fd150249c538cd52c7c3614820
.exe windows:5 windows x86 arch:x86

b396167cfcb91ae45d2e7d45c9eab74e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleW
GetPrivateProfileSectionW
AddAtomW
CopyFileA
HeapSize
VirtualProtect
CancelIo
GetDriveTypeW
lstrlenW
Sleep
LoadLibraryW
HeapDestroy
WriteConsoleW
GetStartupInfoA
GetFileAttributesA
WriteConsoleW
GetCommandLineA
DeleteFileA
GetProcessHeap
SetEvent
lstrcpyA

mmcndmgr

DllGetClassObject
DllRegisterServer
DllRegisterServer
DllCanUnloadNow

dsprop

CheckADsError
MsgBox
FindSheet
MsgBox
FindSheet
ReportError
FindSheet
CheckADsError
ReportError
ErrMsg
MsgBox
ErrMsg
ErrMsg

Sections

.text
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 274B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE