Static task
static1
Behavioral task
behavioral1
Sample
0db562433c3bcacb5ce6dbe40a3c7963_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0db562433c3bcacb5ce6dbe40a3c7963_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0db562433c3bcacb5ce6dbe40a3c7963_JaffaCakes118
Size
181KB
MD5
0db562433c3bcacb5ce6dbe40a3c7963
SHA1
c1965927c2eabd35a84aeb18e45544b3a71301c6
SHA256
a4f65230a278ca4172de7f8e38dd6c3203f6fcec3edc678b6c66bb549e692eeb
SHA512
f5661a410f430f62b3893d30f88099425e69d3dd3f36da36fa3534ce322cbf1a4912bd179855c98c823787c6d7c9e7af7b4cca8fd15b62ce6e36a4129293a6b6
SSDEEP
3072:w51OpXcUVP80GMoo5MoVMdjJwlzMfLr/6VPhA7X:w51zAT9VSylzou9hk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0db562433c3bcacb5ce6dbe40a3c7963_JaffaCakes118
Files
0db562433c3bcacb5ce6dbe40a3c7963_JaffaCakes118.exe windows:4 windows x86 arch:x86
0868f84df0ff2c90009779dee180fb85
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCalendarInfoW
HeapAlloc
LoadLibraryW
HeapReAlloc
CreateFileW
GetLocaleInfoA
GetProcessHeap
GetThreadLocale
EnumResourceNamesA
HeapSize
HeapFree
HeapDestroy
GetSystemTime
FindFirstFileW
GetStdHandle
CloseHandle
SystemTimeToFileTime
WriteFile
LoadLibraryExW
lstrcpynW
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ