JaffaCakes118_3180fc9e95600ae2348d280ce0f432ea | Triage

Sharing

General

Target

JaffaCakes118_3180fc9e95600ae2348d280ce0f432ea
Size

167KB
MD5

3180fc9e95600ae2348d280ce0f432ea
SHA1

d2715b1ef61c45faf91f37a02dc003f495de41a0
SHA256

a5f4cedb35c92a09e104f8facd28239f47719c7085ac6394e74d7532b25f11c5
SHA512

31926d6039c369a5b873b9cc395cf89a67c8ab214cf141882688c3cbc5a1131bccecbb815aef37491daa3afccda962ca1579210afb9922a4e3c53cba81122b19
SSDEEP

3072:ljCoogYeZEcpONQ2Au9lbB0lrW5q7QiFDcE833a8YPxcUXXWExxJY63y:lj9/7ZlODVlbB0lBAha86NJjy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3180fc9e95600ae2348d280ce0f432ea

Files

JaffaCakes118_3180fc9e95600ae2348d280ce0f432ea
.exe windows:4 windows x86 arch:x86

361730521f63acc32c3a5c8249d3d804

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

lstrcpyW
lstrcpyA
OutputDebugStringW
LockResource
lstrlenW
GetTickCount
GetProcessAffinityMask
lstrcpyA
GetACP
EnumResourceNamesW
GlobalAlloc
WideCharToMultiByte
lstrcmpiW
InitializeCriticalSection
FreeEnvironmentStringsW
FindClose
MultiByteToWideChar
GetCPInfo
GlobalFree
GetLastError
GetModuleHandleW

user32

TranslateMessage
GetMessageW
wsprintfW
CharNextW
SetTimer
CharUpperW
GetDC
KillTimer
PostThreadMessageW
SendMessageA
DispatchMessageW
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemFree
CoRevokeClassObject
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
StringFromGUID2
CoRegisterClassObject
CoInitialize
CoTaskMemAlloc
StringFromCLSID

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ