JaffaCakes118_4d144e673c22f4dbf1b909a12a34c291 | Triage

Sharing

General

Target

JaffaCakes118_4d144e673c22f4dbf1b909a12a34c291
Size

167KB
MD5

4d144e673c22f4dbf1b909a12a34c291
SHA1

bb16af5ce75aca73749fe417b966e07314e9343d
SHA256

6ef37dfefa7c2103ebee671b0f71e6d92388065d3f1ae5fbdee3fc10fc5955eb
SHA512

c5fb17732ec5fae36e94e52465979e3f9450f4af5b1cd45b1bc844d7528847f077fbdb59ae1120f548562cb304e8f252d76437a260cb4aefe9766fad07225c88
SSDEEP

3072:R6qyiqLQQQ6POMY/DVWyOg3+4DDUgPixxRmoV8ZVmJpyDJCz74eXOlCTl:R6qyiq0GY/ZWNg3+4DAGg8ZzlCf4eXj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4d144e673c22f4dbf1b909a12a34c291

Files

JaffaCakes118_4d144e673c22f4dbf1b909a12a34c291
.exe windows:4 windows x86 arch:x86

e7304b0416b5a1a51ae337d33b4d882e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathFileExistsW

ole32

CoTaskMemFree
StringFromGUID2
CoInitialize
CoRegisterClassObject
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoRevokeClassObject
CoTaskMemAlloc
StringFromCLSID

kernel32

GetTickCount
lstrcpyA
GetACP
InitializeCriticalSection
GetLastError
GetProcessAffinityMask
FindClose
OutputDebugStringW
lstrlenW
EnumResourceNamesW
lstrcpyA
WideCharToMultiByte
GlobalAlloc
GlobalFree
lstrcmpiW
GetCPInfo
MultiByteToWideChar
FreeEnvironmentStringsW
LockResource
lstrcpyW
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

wsprintfW
KillTimer
GetDC
SendMessageA
CharUpperW
SetTimer
PostThreadMessageW
TranslateMessage
DispatchMessageW
CharNextW
GetMessageW
UnregisterClassA

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ