3bc3536016ad919e9bd88f8d68336eaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bc3536016ad919e9bd88f8d68336eaa_JaffaCakes118
Size

209KB
MD5

3bc3536016ad919e9bd88f8d68336eaa
SHA1

686562d7d5430084bd111b36bb73b620e0bf49fd
SHA256

16ad8ab6775c42b246f8a2303f3fe52222ddc4d129b068d013755a42a3c05119
SHA512

1b05637b519fe6468287132fd5f31fda2ebb4fff207cc99d8bfe867006ee405dcc4e9bfc29e07c0b6262569073cbd67dab664b98c1e8db3b5f61d3ab06969cc2
SSDEEP

6144:+ETJW2Mgcz9J72/Mol5dBjBfh2P9Qe7Oh:+ETcZgcz992/MMfBIP9m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc3536016ad919e9bd88f8d68336eaa_JaffaCakes118

Files

3bc3536016ad919e9bd88f8d68336eaa_JaffaCakes118
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

44900f5a3f89ad146476d4aba1bbcda7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

HeapAlloc
GetCalendarInfoW
WriteFile
GetStdHandle
CreateFileW
HeapSize
CloseHandle
HeapDestroy
SystemTimeToFileTime
GetProcessHeap
EnumResourceNamesA
GetSystemTime
LoadLibraryW
FindFirstFileW
HeapReAlloc
GetThreadLocale
LoadLibraryExW
GetLocaleInfoA
HeapFree
lstrcpynW

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ