Static task
static1
Behavioral task
behavioral1
Sample
2f76530fef2bd4323024ce0b7ee76bf2_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2f76530fef2bd4323024ce0b7ee76bf2_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target: 2f76530fef2bd4323024ce0b7ee76bf2_JaffaCakes118
Size: 183KB
MD5: 2f76530fef2bd4323024ce0b7ee76bf2
SHA1: c9419e8bf00bcdcd328ff5108d0efb9508aedad2
SHA256: 18c26d9ef3934537339fec54248a33b9702378a73f3ebe5baf6c8779fe894bca
SHA512: 37919a52442126202a576bb0e590cd7ace2917ff19672c43d01c6b8ca5e0c316f7e6dde195a9246d749fcc8495ad8eb4cd20f1f3c88762c21f93857596099825
SSDEEP: 3072:mcI9HI7qTs/Qag5XUZfAYRjbyQPn61Px3J+3lSCF8IF24vsJ:mcI9HIsX7dOX7Pm3U3MC+vMG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2f76530fef2bd4323024ce0b7ee76bf2_JaffaCakes118
Files
2f76530fef2bd4323024ce0b7ee76bf2_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e8ff1fd144e6a75802bef53ac38172a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
kernel32
GetCalendarInfoW
LockResource
LoadResource
LoadLibraryExW
FindResourceExA
lstrcpynW
GetProcessHeap
HeapFree
GetModuleHandleA
CreateFileW
CloseHandle
EnumResourceNamesA
HeapDestroy
FindResourceA
GetStdHandle
GetVersionExA
LeaveCriticalSection
FindFirstFileW
GetSystemTime
SizeofResource
LoadLibraryW
SystemTimeToFileTime
HeapAlloc
WriteFile
TerminateProcess
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ