Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_e6c71130597fda963ac0528307de759f.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: JaffaCakes118_e6c71130597fda963ac0528307de759f.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_e6c71130597fda963ac0528307de759f
Size: 178KB
MD5: e6c71130597fda963ac0528307de759f
SHA1: 1b39189db375112568a7ba703d070dd52593776b
SHA256: 2bfa9bac08223b802bd1fcce56c8a8d0e2df609658c5e6c84f0910e7b12fa4fd
SHA512: f2803de602cc2cef0621ec75f6696c9ef79e24e5c62886c94a8c9868f3b285430d4db9304516d6190438af18edc229acd2ca99061799169ec04c07213d5f1346
SSDEEP: 3072:hl4ke/fmNZuo0eMGuIA2i5KUU6bBfsxwRvqaz5OXLhblsBRFGGhNMhqRs1sjx:hle2ND0ebAGf6l0uTVOXnsPEW6qRs1sd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_e6c71130597fda963ac0528307de759f
Files
JaffaCakes118_e6c71130597fda963ac0528307de759f.exe windows:4 windows x86 arch:x86
6a4376667598decfd007109c974ad6a0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
ole32
StringFromIID
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
shell32
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
shlwapi
PathFileExistsW
advapi32
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
kernel32
VirtualQueryEx
MultiByteToWideChar
LocalAlloc
lstrlenA
EnumResourceNamesA
CreateProcessA
RaiseException
WideCharToMultiByte
OpenJobObjectW
GetSystemTimeAsFileTime
InterlockedExchange
Sections
.text Size: 110KB - Virtual size: 109KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ