Static task: static1
Behavioral task: behavioral1
Sample: bdec6e8b2dae61f2b66ffd81da5f3b92_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: bdec6e8b2dae61f2b66ffd81da5f3b92_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bdec6e8b2dae61f2b66ffd81da5f3b92_JaffaCakes118
Size: 183KB
MD5: bdec6e8b2dae61f2b66ffd81da5f3b92
SHA1: d749a4830cdb737098bd36f9d82fe0ac239d9a97
SHA256: d872653e784dee83d7f95fa320f13aa957adf3b0817945062b00db3d39312ec2
SHA512: e1a52371895d67c82ec93e7dff55d1db09061c64f361464ef6e038cbb6f9bc19de91c3d7883350ddcb26dca0aed5fc6742963a21e615aeebb678fdc124a41c45
SSDEEP: 3072:EttAtKBu50BgsErvTDOhM6VGjeT14NiGXTenYBjaYBgR8bnmOD5/jkZZ35F:EsKBuWEbTDOrYj1NiGXTenCjaD+6atAP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bdec6e8b2dae61f2b66ffd81da5f3b92_JaffaCakes118
Files
bdec6e8b2dae61f2b66ffd81da5f3b92_JaffaCakes118.exe windows:4 windows x86 arch:x86
4f1342b18990930868c4451f25c72f5b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
oleacc
LresultFromObject
CreateStdAccessibleObject
kernel32
CreateFileW
SystemTimeToFileTime
HeapFree
GetCalendarInfoA
GetStdHandle
GetVersionExA
LeaveCriticalSection
GetProcessHeap
SizeofResource
GetSystemTime
lstrcpynW
WriteFile
EnumResourceNamesA
FindResourceA
FindFirstFileW
HeapAlloc
LockResource
GetModuleHandleA
LoadResource
LoadLibraryW
FindResourceExA
HeapDestroy
CloseHandle
LoadLibraryExW
TerminateProcess
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
Sections
.text Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ