JaffaCakes118_55ae852b24e523abdd4745db06c4a838 | Triage

Sharing

General

Target

JaffaCakes118_55ae852b24e523abdd4745db06c4a838
Size

169KB
MD5

55ae852b24e523abdd4745db06c4a838
SHA1

87927f006150347e5aacb2f47d53defecd27f0da
SHA256

4f3a48c538c358f8f260695c255b977a779455fd4fe719bd369ce0e2d1222308
SHA512

871d750792cc9e2309dcb7ca466183f250f0056d2c6051f588e8029b5e93bd849e039b9517ac5cf8d2d1261791ed7cc0e6cbbbd497e39e60431e5d14177a3c69
SSDEEP

3072:3AQUpw/CpFQxIZ/ycf9pozBMd9yqM9Kg3IDXnDWTJU7Kd2bm6pr:3ARfpiO71/DLMAg3uXnqQKdmm6pr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_55ae852b24e523abdd4745db06c4a838

Files

JaffaCakes118_55ae852b24e523abdd4745db06c4a838
.exe windows:4 windows x86 arch:x86

65a60b6106ce01709a52e1baa6f09018

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathFileExistsW

kernel32

GetTickCount
GetLastError
lstrcpyA
WideCharToMultiByte
lstrcpyA
FindClose
GetProcessHandleCount
GetACP
EnumResourceNamesW
LockResource
OutputDebugStringW
GlobalFree
InitializeCriticalSection
lstrcpyW
FreeEnvironmentStringsA
GetCPInfo
GlobalAlloc
lstrcmpiW
MultiByteToWideChar
lstrlenW
GetModuleHandleW

ole32

CoRevokeClassObject
CoUninitialize
CoRegisterClassObject
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoInitialize
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetMessageW
KillTimer
wsprintfW
GetDC
CharUpperW
TranslateMessage
CharNextW
PostThreadMessageW
SetTimer
DispatchMessageW
SendMessageA
UnregisterClassA

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ