d526976add9c4301786b26bc8016dc5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d526976add9c4301786b26bc8016dc5f_JaffaCakes118
Size

173KB
MD5

d526976add9c4301786b26bc8016dc5f
SHA1

42123337125f54992d579f471f6074a2bc3d0408
SHA256

92bc6f525f30915f596b400b1cc8d5366f0831a27b2d53d3d4b283d833934d14
SHA512

0bcdf13b80a805817c65f2fb1541b7dcbad86e32ad1dffdc146c0cdc64ebe7ba0b2b2e760ebbf867d68a6673eca9334c9795be46b3c29bd81074e7e43c705995
SSDEEP

3072:1ZGqjriNOxBBlbvse9K9iiKI6QtvG0dNODAA8WXMdmV9ln:1ZG+GWixK94vzuDAGXt9x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d526976add9c4301786b26bc8016dc5f_JaffaCakes118

Files

d526976add9c4301786b26bc8016dc5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30d96ccb5f034df9c9058b51e801f1ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathFileExistsA
StrStrIW

kernel32

GetCalendarInfoA
SizeofResource
CreateFileW
LockResource
LoadLibraryExW
LoadLibraryW
LeaveCriticalSection
LoadResource
FindResourceA
GetModuleHandleA
SystemTimeToFileTime
EnumResourceNamesA
CloseHandle
HeapFree
HeapDestroy
FindFirstFileW
GetVersionExA
WriteFile
HeapAlloc
GetSystemTime
lstrcpynW
GetProcessHeap
FindResourceExA
GetStdHandle
TerminateProcess

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ