Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_1fcbb0cbf116c2e621a7c4adb7d0e768.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: JaffaCakes118_1fcbb0cbf116c2e621a7c4adb7d0e768.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_1fcbb0cbf116c2e621a7c4adb7d0e768
Size: 175KB
MD5: 1fcbb0cbf116c2e621a7c4adb7d0e768
SHA1: 1fd71babfef6a0011ad13a73f712fe9fc6e62fcb
SHA256: 01d02ddc2f00b0b195dab2b87f7979f477fe227afaf1516f01b6c88a9d726a2c
SHA512: 55616025614d2806e81df4e3a5b56ce05333105f100183e757b8b10649c429aafefdc0e6312e7c60a15193e8ae02e9aedcd15659599699558ad64cc242dc0288
SSDEEP: 3072:t7cak4yzm8z61olcDGLKJ6cM9J9NJmjlac6DlFwQhsZGvt36w6gH+:t7g88CoRWJe9JTbFlFsZGvtKw0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_1fcbb0cbf116c2e621a7c4adb7d0e768
Files
JaffaCakes118_1fcbb0cbf116c2e621a7c4adb7d0e768.exe windows:4 windows x86 arch:x86
bf2e86ab91fcb4f4dae6f3e54fc85cb1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
WideCharToMultiByte
lstrcpyW
DeleteCriticalSection
GetACP
CheckRemoteDebuggerPresent
OutputDebugStringW
MultiByteToWideChar
GetTickCount
lstrcpyA
GlobalAlloc
EnumResourceTypesA
GetCPInfo
lstrlenW
GetLastError
InitializeCriticalSection
LockResource
lstrcpyW
GlobalFree
lstrcmpiW
FindClose
GetModuleHandleW
oleacc
LresultFromObject
CreateStdAccessibleObject
user32
KillTimer
CharUpperW
GetDC
TranslateMessage
wsprintfW
PostThreadMessageW
SetTimer
SendMessageW
CharNextW
DispatchMessageW
GetMessageW
UnregisterClassA
Sections
.text Size: 111KB - Virtual size: 111KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.isete Size: 1024B - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ