Static task: static1
Behavioral task: behavioral1
Sample: ce356342eda66800c6de8688b94ad001_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ce356342eda66800c6de8688b94ad001_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ce356342eda66800c6de8688b94ad001_JaffaCakes118
Size: 271KB
MD5: ce356342eda66800c6de8688b94ad001
SHA1: 503b4cd912525a92bc7145dc34d3a030b3bc637e
SHA256: 05dd3c75becad736a259c79e7c2c6a91a3afd931199e26fe029a38bd3a4d1979
SHA512: eab2c1b56cb8ef8c87ccb5a34cf3cfeea353d25336330132cc8a0500fe2f1e1e582d6c07292ef588de8d2dfdc3f98b0cc48b316ebb5fbb84dc47029b32a43219
SSDEEP: 6144:o95Oh85JnujN+sfsBo3XpZGryhGyO48Yfi97R/JwbUS4DhGgxUJL1MR:os858YHBo3X7GroFq9N/JwwJANY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ce356342eda66800c6de8688b94ad001_JaffaCakes118
Files
ce356342eda66800c6de8688b94ad001_JaffaCakes118.exe windows:4 windows x86 arch:x86
22c265f923c0ec3b41ed6abc7bd7ba6d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapReAlloc
HeapDestroy
IsBadWritePtr
VirtualAlloc
VirtualFree
SetLastError
TlsAlloc
EnumSystemLanguageGroupsW
HeapAlloc
GetCurrentProcessId
GetWriteWatch
HeapCreate
VirtualQuery
TlsFree
oleacc
CreateStdAccessibleObject
AccessibleChildren
winmm
mciSendCommandA
user32
GetDlgItem
SetWindowTextA
LoadImageA
CreateWindowExA
GetWindow
LoadStringA
DestroyIcon
GetParent
shell32
SHChangeNotify
SHGetMalloc
SHGetPathFromIDListW
shlwapi
PathAddBackslashW
Sections
.text Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 198KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ