Static task
static1
Behavioral task
behavioral1
Sample
db4400d1465f618790010dbb7fe5ffa9_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
db4400d1465f618790010dbb7fe5ffa9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
db4400d1465f618790010dbb7fe5ffa9_JaffaCakes118
Size
167KB
MD5
db4400d1465f618790010dbb7fe5ffa9
SHA1
c2aaf53c6a797322e81e0c4298db13f4c4fa56c4
SHA256
906d762ea77d12a34f17b877a3b150bbd6fda43787b578ac1b529f89db7789a0
SHA512
a593de9c1d9b95e741985532bd7e10a12542b0484a31d67a1d2035917107470518b8426e5d5f85eeac14f25416711252b836e215137ed592b739c5bbb2269848
SSDEEP
3072:QxqxUb58XQ6INYPssypuxt3FNq1wtUkBR0lYWC4qFevqvV9dgPqQuU2:UMUb5WINCBta6BD43vkVcPqQH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource db4400d1465f618790010dbb7fe5ffa9_JaffaCakes118
Files
db4400d1465f618790010dbb7fe5ffa9_JaffaCakes118.exe windows:4 windows x86 arch:x86
3ae7c1663a7462ef07137ec8550d6d4e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
GetSystemTime
GetCalendarInfoW
HeapDestroy
GetStdHandle
LoadLibraryExW
GetLocaleInfoA
HeapSize
HeapReAlloc
EnumResourceNamesA
SystemTimeToFileTime
LoadLibraryW
CreateFileW
FindFirstFileW
GetThreadLocale
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
CloseHandle
lstrcpynW
Sections
.text Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ