JaffaCakes118_6efcafcd67f55f3f028f75f5880e40fd | Triage

Sharing

General

Target

JaffaCakes118_6efcafcd67f55f3f028f75f5880e40fd
Size

154KB
MD5

6efcafcd67f55f3f028f75f5880e40fd
SHA1

ba639084abdda305a301e0b7613f67acafe49ad2
SHA256

ff3a0792954dbbadbb8df68756c26d8e981bb6332f6d41100d1342d4f43e2a9e
SHA512

9280625befabc6c58e4a8a531229d4d981007bcad3969d5df93f4b3f75cd4740b8d0e307623d610aa82f523fe156ab28bfac1eecc307c92f2c45058fd5876ae5
SSDEEP

3072:magHBId31S6RmJNZVkcqnzpKTwBstNh46Ne1:mageFNREvV+FKTDv4+e1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6efcafcd67f55f3f028f75f5880e40fd

Files

JaffaCakes118_6efcafcd67f55f3f028f75f5880e40fd
.exe windows:4 windows x86 arch:x86

65570c79c18b4eafc4901af7f3410450

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathCombineW
PathFileExistsW

user32

SendMessageA
GetDC
CharUpperW
GetMessageW
KillTimer
DispatchMessageW
CharNextW
TranslateMessage
wsprintfW
PostThreadMessageW
SetTimer
UnregisterClassA

kernel32

FindClose
lstrcpyA
lstrcpyW
lstrlenW
lstrcmpiW
GetACP
GetProcessHandleCount
GetLastError
WideCharToMultiByte
EnumResourceNamesW
GlobalFree
LockResource
GetCPInfo
InitializeCriticalSection
GetTickCount
lstrcpyA
FreeEnvironmentStringsA
GlobalAlloc
MultiByteToWideChar
OutputDebugStringW
GetModuleHandleW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
StringFromGUID2
CoRegisterClassObject
CoTaskMemAlloc
CoRevokeClassObject
CoInitialize
CoCreateInstance
StringFromCLSID

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ