Static task
static1
Behavioral task
behavioral1
Sample
d4df64204d626ac2b93c95809b6a6812_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d4df64204d626ac2b93c95809b6a6812_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d4df64204d626ac2b93c95809b6a6812_JaffaCakes118
Size
165KB
MD5
d4df64204d626ac2b93c95809b6a6812
SHA1
110b0bcb0ee9d19dcef8527ebc79ee1a86a356cd
SHA256
c95d187058c220ca764ccaacfe5519bc8e52b52f67a49735cb5f9df88473dbe9
SHA512
e03a9afbfa3933006cc9c5cff77571550f5d4c0d0c9bd3f7c5fe4472c5817dee5b82aacc86d5907e7d69071a90d82a62c86e31b64b4ef049448f2becdd0de5f1
SSDEEP
3072:W0UIFat2RYIKlYeOvW/FPgxt69odYzMBRjQgnzYYXN6oT1AkZBuBLh:ausWKlWO/FYldYz8jQo6oT1xah
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d4df64204d626ac2b93c95809b6a6812_JaffaCakes118
Files
d4df64204d626ac2b93c95809b6a6812_JaffaCakes118.exe windows:4 windows x86 arch:x86
f855dbbdffb54ab2a5b228ea4fed0034
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCalendarInfoA
LockResource
LeaveCriticalSection
FindResourceExA
GetSystemTime
CloseHandle
HeapDestroy
lstrcpynW
SystemTimeToFileTime
HeapFree
EnumResourceNamesA
GetStdHandle
FindResourceA
LoadLibraryW
GetModuleHandleA
CreateFileW
FindFirstFileW
SizeofResource
WriteFile
GetVersionExA
GetProcessHeap
HeapAlloc
LoadResource
LoadLibraryExW
TerminateProcess
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ