Static task
static1
Behavioral task
behavioral1
Sample
368e5f1060906cf0593d04f9c73bd1e0_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
368e5f1060906cf0593d04f9c73bd1e0_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
368e5f1060906cf0593d04f9c73bd1e0_JaffaCakes118
Size
167KB
MD5
368e5f1060906cf0593d04f9c73bd1e0
SHA1
19565ea2f488e8c250fff936cbca2f71195a8df3
SHA256
1cbbdb1188a9f9dbdb86a53b9edbfd8d25a8c1883cf9281d13ac7ad6bd3dda5c
SHA512
bd1ce807de04f738350c048672db1b463885745bdb2c915e71b14ba149c2653b66fbe95c79aedb1f16af37824b5656cc62586eb4c6b150c50c0b6f3c17867d1a
SSDEEP
3072:LvqIRu2t1uRKeb1I4PScxju0u88Bd2b8K3mSR4f8HX3:LvqIR4Kgr1Q5d2brbW6n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 368e5f1060906cf0593d04f9c73bd1e0_JaffaCakes118
Files
368e5f1060906cf0593d04f9c73bd1e0_JaffaCakes118.exe windows:4 windows x86 arch:x86
2c9aa7fafeb5f21536ee262b0b96ba3c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
oleacc
LresultFromObject
CreateStdAccessibleObject
kernel32
LoadLibraryExW
WriteFile
GetCalendarInfoW
HeapDestroy
CloseHandle
LeaveCriticalSection
LoadLibraryW
GetVersionExA
HeapAlloc
LockResource
SystemTimeToFileTime
GetSystemTime
EnumResourceNamesA
FindResourceExA
CreateFileW
LoadResource
FindFirstFileW
GetStdHandle
SizeofResource
HeapFree
GetProcessHeap
FindResourceA
GetModuleHandleA
lstrcpynW
TerminateProcess
Sections
.text Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ