Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_6194d426e72ce347073a9d734ee35429.exe
Resource: win7-20241010-en
General
Target: JaffaCakes118_6194d426e72ce347073a9d734ee35429
Size: 180KB
MD5: 6194d426e72ce347073a9d734ee35429
SHA1: 3d7520b2387352a480fae6273d667c8f9d137dde
SHA256: 31fe5610b77ae98968b1abe73e6cf6aaa201a431c5f1f7a9cfbca74c284306ae
SHA512: 8e4bdad0625801ea0d5087e501466627a9b9df1a6bdce77c8c84ec39643ed327c2e477bb125aabc4f5cd1dd39a5bce9b46396e8e08ac4dbd58f4589c154bfd68
SSDEEP: 3072:try0hazeri4zgH3Bffy/cF6ZEKIdN6+uGyEn2tz/NBXOPen1F+P6JQ2F4vKG5Md:tr/rhzOfh6ZgfuG1ezNBePN1k4vLQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6194d426e72ce347073a9d734ee35429
Files
JaffaCakes118_6194d426e72ce347073a9d734ee35429.exe windows:4 windows x86 arch:x86
f1c7e564a156a0302cf04fed75fc2c2e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsDebuggerPresent
GetOEMCP
HeapFree
GetStringTypeW
LCMapStringW
RtlUnwind
GetCPInfo
GetACP
EnumResourceTypesW
LCMapStringA
InterlockedExchange
WriteFile
LZCopy
GetStringTypeA
VirtualAlloc
SetUnhandledExceptionFilter
LoadLibraryA
GetCurrentProcess
GetLocaleInfoA
msimg32
TransparentBlt
oleacc
GetOleaccVersionInfo
AccessibleObjectFromEvent
Sections
.text Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ