JaffaCakes118_7aeb7e393793c9081460346fed9352aa | Triage

Sharing

General

Target

JaffaCakes118_7aeb7e393793c9081460346fed9352aa
Size

180KB
MD5

7aeb7e393793c9081460346fed9352aa
SHA1

92ef0dfc7211b2303529e7fe18a8071bbf4e0717
SHA256

a790549fa8ddbfe09d00824809c969cc5f15345f323579dea1c84bc95b23f3fe
SHA512

c60fb3885b3e5fe35626d6a8e52593a3a0379db86cf848cb1b3c21b1a76830f52d9a799915540c83ef8c547215755f11f9eca363920b80aa5fde038e69c3134a
SSDEEP

3072:YoQ+V8r79/ZwWlLGZsA9J8rFGu1Ictws/BAwu6EB1+qOmnJcJlaM:7QC8rph9LGWAD8rFG2PwiB7qfXRM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7aeb7e393793c9081460346fed9352aa

Files

JaffaCakes118_7aeb7e393793c9081460346fed9352aa
.exe windows:4 windows x86 arch:x86

3ff70eaeb5842241d31217dff214a3af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject

kernel32

PrivCopyFileExW
CreateFileMappingA
GetProcessId
MapViewOfFile
EnumResourceTypesA
ExitProcess
AddAtomW
DeleteAtom
ProcessIdToSessionId

user32

GetWindowInfo
GetUpdateRgn
CreateWindowExW
EndDialog

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ