JaffaCakes118_1613319be3944ad8a491ba247988950e | Triage

Sharing

General

Target

JaffaCakes118_1613319be3944ad8a491ba247988950e
Size

165KB
MD5

1613319be3944ad8a491ba247988950e
SHA1

f20fab2b47a47bc406262d1fe94eebbeaa3f9fea
SHA256

4cd4548a746886716533c93209467c8b5e5a143b136bd690fbdd8c8eeab8559c
SHA512

994d90172640d4c27326b8bc0f6531799d1a2ec03cef328df28f25b96f4389880d8ae05b3855038aed75dee0eff650865c95cc44f409468c96afa4ded37c9499
SSDEEP

3072:/IfhQdQrUqok5ZEo0/75HouwFoLs53cxibWS1IZgd52P8YIv+zSZO:AfcN/eE/D5HI5sxiJIcOjhzr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1613319be3944ad8a491ba247988950e

Files

JaffaCakes118_1613319be3944ad8a491ba247988950e
.exe windows:4 windows x86 arch:x86

374e0c2517849d5d660567f1747e8394

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

KillTimer
CharUpperW
DispatchMessageW
TranslateMessage
wsprintfW
GetMessageW
CharNextW
PostThreadMessageW
GetDC
SendMessageA
SetTimer
UnregisterClassA

kernel32

lstrcpyA
FindClose
InitializeCriticalSection
GetTickCount
MultiByteToWideChar
GetLastError
GetProcessAffinityMask
WideCharToMultiByte
GlobalAlloc
EnumResourceNamesW
lstrcmpiW
GetCPInfo
GlobalFree
lstrcpyA
lstrlenW
OutputDebugStringW
FreeEnvironmentStringsW
lstrcpyW
LockResource
GetACP
GetModuleHandleW

ole32

CoTaskMemRealloc
CoUninitialize
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoInitialize
StringFromCLSID

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ