Static task: static1
Behavioral task: behavioral1
  Sample: e18a2ededc082a342bb0345c3ba5b38e_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: e18a2ededc082a342bb0345c3ba5b38e_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: e18a2ededc082a342bb0345c3ba5b38e_JaffaCakes118
Size: 167KB
MD5: e18a2ededc082a342bb0345c3ba5b38e
SHA1: 88f798b61e029691a517995c5f8418d1db285267
SHA256: 1ad97d20b9796c8906996cb19667b9315680f6328d01150380216c8bcbcedb3c
SHA512: d363aab3ec2981394209a352cac3ad90da63c2be58965422b8259eb63eaac64abdf73c043b826de0f8a76ce3390dd360b68401bb28aa590683c72673b855d796
SSDEEP: 3072:3Lhx/+K08dbGBeQj4MK29DENSPsOdk7ZycVNwRf4unsDA:3z/+8ZGBeFMgcsVbLKf+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e18a2ededc082a342bb0345c3ba5b38e_JaffaCakes118
Files
e18a2ededc082a342bb0345c3ba5b38e_JaffaCakes118.exe windows:4 windows x86 arch:x86
9e7207ff014f37b7c1c35976a607b745
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
  PathFileExistsA
  PathFileExistsW
  StrStrIW
oleacc
  LresultFromObject
  CreateStdAccessibleObject
kernel32
  GetCalendarInfoW
  LoadResource
  LockResource
  LoadLibraryExW
  HeapAlloc
  GetStdHandle
  LeaveCriticalSection
  HeapFree
  SizeofResource
  GetVersionExA
  CreateFileW
  EnumResourceNamesA
  lstrcpynW
  FindResourceA
  FindFirstFileW
  GetModuleHandleA
  WriteFile
  SystemTimeToFileTime
  HeapDestroy
  LoadLibraryW
  GetSystemTime
  GetProcessHeap
  CloseHandle
  FindResourceExA
  TerminateProcess
ole32
  CoGetMalloc
  CoTaskMemFree
  ProgIDFromCLSID
  StringFromCLSID
Sections
.text Size: 93KB - Virtual size: 92KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.bss Size: 71KB - Virtual size: 70KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 104KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ