Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_642b1107928e464d62ecbfb0a58d69a9.exe
Resource
win7-20241010-en
General
Target
JaffaCakes118_642b1107928e464d62ecbfb0a58d69a9
Size
180KB
MD5
642b1107928e464d62ecbfb0a58d69a9
SHA1
13d4d20c816f93811d12c14f15b3f004ca34afda
SHA256
39f52488b240e3e976bc1a73740fb6036f2dd9baa642fc3450dc85e6e8be0e71
SHA512
23f0d15e8dc077327676f4f8cba1bcd2f74a4ace62ed445322483839262afa5b4367b81bd2f19a84209a4927201a7bef3d58a644d02a5a6f80f63462e13ed7ab
SSDEEP
3072:odcJ44+mge3ZvIPx5uwtF/7DK6MVs5ZeJANEijUdoFqB6ePf4W2XPF:o+S4+pe9IPx5uwX2Rs+KEua6+Y
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_642b1107928e464d62ecbfb0a58d69a9
Files
JaffaCakes118_642b1107928e464d62ecbfb0a58d69a9.exe windows:4 windows x86 arch:x86
c2427407c5287ea16a163670a83b2888
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
GetModuleHandleA
lstrcpynA
lstrcmpiA
lstrlenW
FreeLibrary
FindResourceA
IsDBCSLeadByte
lstrcpyA
CreateFileA
EnumResourceTypesA
ReadFile
FindFirstFileExW
MultiByteToWideChar
InterlockedDecrement
SizeofResource
WideCharToMultiByte
LoadResource
LoadLibraryExA
InterlockedIncrement
oleacc
GetOleaccVersionInfo
CreateStdAccessibleObject
msimg32
TransparentBlt
Sections
.text Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ