JaffaCakes118_a9f4dd05848bc161f07f25e4cbd7a39c | Triage

Sharing

General

Target

JaffaCakes118_a9f4dd05848bc161f07f25e4cbd7a39c
Size

193KB
MD5

a9f4dd05848bc161f07f25e4cbd7a39c
SHA1

3dda08ba4c98955387ddb723dec4bffaf5983eb7
SHA256

6a42333eee223a81af76e46d605ca15750c1bab184f04f5d00db99b2730a29cc
SHA512

dcc1ef3c4c4278b9c344d2658357dc209c2076516767b08157f01f737a4c71d07e5474b8f47d8be2a9771828feaa62137cb0ecc84d7e004b761824f17ba7939e
SSDEEP

3072:yHHN8CLR+nW80MxHlyltZclt2+P2akh/LkI3XOUOOTcQ5E7W/Tuetf86kru:0HjsmYlMtOt282VhQSTcvW706R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a9f4dd05848bc161f07f25e4cbd7a39c

Files

JaffaCakes118_a9f4dd05848bc161f07f25e4cbd7a39c
.exe windows:4 windows x86 arch:x86

fd3dfc64bcaab2a41c03febad1489b11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleTranslateAccelerator
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleacc

CreateStdAccessibleObject

kernel32

HeapAlloc
CreateEventA
lstrcatA
QueryMemoryResourceNotification
DeleteCriticalSection
InitializeCriticalSection
lstrcpyA
InterlockedDecrement
LoadResource
TerminateThread
SizeofResource
LocalFree
CompareStringA
GetComputerNameA
LoadLibraryA
FormatMessageA
CreateThread
GetVersion
IsDBCSLeadByte
FindResourceA
EnumResourceTypesW
InterlockedIncrement
GetCurrentProcess
lstrcmpiA
GetFileAttributesA
WaitForSingleObject
OpenProcess
GetModuleFileNameA
GetCurrentThreadId
GetCurrentThread
lstrlenA
CompareStringW
GetPrivateProfileSectionNamesA
lstrlenW
CloseHandle
SetEvent
lstrcpynA
EnterCriticalSection
GetModuleHandleA
LeaveCriticalSection
RaiseException

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ