Static task
static1
Behavioral task
behavioral1
Sample
0c1129c4568dd18d01931691fc620baf_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
0c1129c4568dd18d01931691fc620baf_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target: 0c1129c4568dd18d01931691fc620baf_JaffaCakes118
Size: 165KB
MD5: 0c1129c4568dd18d01931691fc620baf
SHA1: 11db6f27ccd3887e89fe2f68c411cc1b802f996f
SHA256: 6e2283fa9b958504e59a4694047ad48b715f2e51f67a1a815dfeac3dec75ecb6
SHA512: e191255ae6ade7c8e6f9ee2afd0b123661ef755ae3b94235bb29ef06056069f2001696cd5cd7f8bb670bcb75914c6003ca1646f30f1e3cf97cccb55d5eae83a0
SSDEEP: 3072:lk914eLsvrlhixS8wUW+qCWPDsIKzZuuGSKbf46tbwY1b3l:lkpwlsxKUWjBPDsBC5j461
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c1129c4568dd18d01931691fc620baf_JaffaCakes118
Files
0c1129c4568dd18d01931691fc620baf_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e8ff1fd144e6a75802bef53ac38172a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
kernel32
GetCalendarInfoW
LockResource
LoadResource
LoadLibraryExW
FindResourceExA
lstrcpynW
GetProcessHeap
HeapFree
GetModuleHandleA
CreateFileW
CloseHandle
EnumResourceNamesA
HeapDestroy
FindResourceA
GetStdHandle
GetVersionExA
LeaveCriticalSection
FindFirstFileW
GetSystemTime
SizeofResource
LoadLibraryW
SystemTimeToFileTime
HeapAlloc
WriteFile
TerminateProcess
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ