Static task: static1
Behavioral task: behavioral1
Sample: 0cacda93bf83fcc48d1d2576a428b10b_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 0cacda93bf83fcc48d1d2576a428b10b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0cacda93bf83fcc48d1d2576a428b10b_JaffaCakes118
Size: 208KB
MD5: 0cacda93bf83fcc48d1d2576a428b10b
SHA1: fd859842656a38971e968da5cbda72976d530035
SHA256: 6169c6701df7dd17782eb6b4fd98a7ee49f80e500d8a81dcade4c7a61a234fac
SHA512: 8e72f267daeb8119ad202840b327096dd11a7e89111a3b2250776047ae4c2398d98159d13ce469126b0b2fe72fc65712dc613b1edac3f73fd29ac5b5e5f95f6d
SSDEEP: 6144:V01IKgEjLtCLSkuY1GG516eLwxIf9meAtVhUj8Obe0Q:VUKqtCLJ1GG73LIIlViijRC0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0cacda93bf83fcc48d1d2576a428b10b_JaffaCakes118
Files
0cacda93bf83fcc48d1d2576a428b10b_JaffaCakes118.exe windows:4 windows x86 arch:x86
ed6c5b3247a4e20423b1ad5c8af1a13e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessHeap
FindResourceExA
GetCalendarInfoA
lstrcpynW
LoadResource
LoadLibraryW
WriteFile
GetSystemTime
HeapDestroy
HeapAlloc
CreateFileW
GetVersionExA
EnumResourceNamesA
LeaveCriticalSection
SystemTimeToFileTime
CloseHandle
FindFirstFileW
GetStdHandle
LoadLibraryExW
GetModuleHandleA
LockResource
HeapFree
SizeofResource
FindResourceA
TerminateProcess
oleacc
LresultFromObject
CreateStdAccessibleObject
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
Sections
.text Size: 111KB - Virtual size: 110KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ