Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_6af302837f6b3629440664ad4eaffb30.exe
Resource
win7-20240903-en
General
-
Target
JaffaCakes118_6af302837f6b3629440664ad4eaffb30
-
Size
885KB
-
MD5
6af302837f6b3629440664ad4eaffb30
-
SHA1
08fd81dccace3c22da738c4c23c11291b4408c91
-
SHA256
adc22749c5d4547c94a7e5ac9d4d10a1dceb232469caa6ddd1bac4afc92699d2
-
SHA512
892a1865ccd8b090fc10df81e3844507ce1b7e579d23441ed108cf3bae53ac428894e381a22d72419516e9b5b3d72c6d1569d4ec1bb3f8f759902f2a1d984e8f
-
SSDEEP
24576:IgOCK33kZnEvq3Rh4P1998MmYEaucKwlyHn8M1Hp:dOhnmZWU/wOLHp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
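Flags a PE file that carries no Authenticode signature. Many legitimate programs are also unsigned, so this indicator is weak on its own and should be weighed with the rest of the report.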
resource JaffaCakes118_6af302837f6b3629440664ad4eaffb30
Files
-
JaffaCakes118_6af302837f6b3629440664ad4eaffb30.exe windows:5 windows x86 arch:x86
117351fff74356c2da862d034ee0aa69
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
CloseHandle
GetCurrentProcess
HeapCreate
HeapDestroy
user32
wsprintfA
CharLowerBuffA
CloseWindow
SetWindowLongA
advapi32
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
RegDeleteValueA
ole32
CoInitialize
CoGetClassObject
OleRun
CoInitializeEx
Sections
.text Size: 34KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 776KB - Virtual size: 775KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
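.adata Size: 68KB - Virtual size: 114KB (marked as code and both writable and executable, per the flags below; a W+X code section is uncommon in ordinary linker output and worth a closer look during triage)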
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE