Static task
static1
Behavioral task
behavioral1
Sample
0e503c91e57f4d45c07cb194d548667c_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0e503c91e57f4d45c07cb194d548667c_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target: 0e503c91e57f4d45c07cb194d548667c_JaffaCakes118
Size: 178KB
MD5: 0e503c91e57f4d45c07cb194d548667c
SHA1: 5e2e61792b5c541580df330859f25f99cb201794
SHA256: 98b4e9a536228043c54df15c636a0d8e40d5d24e377ac9ed69b9daaf234430e2
SHA512: 3a83fa078950c34f7e677396e68a7be76d81e4cd4041fe1f2f12c3dd1430e54756a9a7a89888d7d51720745677d4f1b770413df65eb1044269568e31b7f1d0c3
SSDEEP: 3072:0A7BwgnDFh3mbvWcumDgPLcz9ZZ15nJS/F3ExQpLGC:0YbmbuchDgzUTPS7L
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e503c91e57f4d45c07cb194d548667c_JaffaCakes118
Files
0e503c91e57f4d45c07cb194d548667c_JaffaCakes118.exe windows:4 windows x86 arch:x86
ed54ebdefc959a1e98434d597e385a45
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
ole32
CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
kernel32
GetCalendarInfoA
FindResourceExA
LeaveCriticalSection
CloseHandle
GetSystemTime
LoadLibraryW
SizeofResource
lstrcpynW
SystemTimeToFileTime
GetStdHandle
LoadLibraryExW
CreateFileW
LockResource
EnumResourceNamesA
GetProcessHeap
GetVersionExA
FindResourceA
FindFirstFileW
HeapDestroy
GetModuleHandleA
HeapFree
LoadResource
HeapAlloc
WriteFile
TerminateProcess
Sections
.text Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 256KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ