Static task
static1
Behavioral task
behavioral1
Sample
2b4b91816850028e000a13a76d7c2483_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2b4b91816850028e000a13a76d7c2483_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 2b4b91816850028e000a13a76d7c2483_JaffaCakes118
Size: 165KB
MD5: 2b4b91816850028e000a13a76d7c2483
SHA1: e818c239adacb168a9490ff6257d8010ad4a2d1e
SHA256: b7a8799c759c49ccb16bcd0067cdaec554a9f6a4830bc1d4c0321ef182dcf055
SHA512: cd0979e86fe611920fdbac60f8499d394950021549e3e9ce6138c95c6f0e523278bb65dc6c306b292b2f07532c3c95f57bc4af996523edbaaec5bcd0d55c5aab
SSDEEP: 3072:lk914eLsvrlhixS8wUW+qCWPDsIKzZuuGSKbf46tbwY1b3l:lkpwlsxKUWjBPDsBC5j461
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2b4b91816850028e000a13a76d7c2483_JaffaCakes118
Files
2b4b91816850028e000a13a76d7c2483_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e8ff1fd144e6a75802bef53ac38172a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
kernel32
GetCalendarInfoW
LockResource
LoadResource
LoadLibraryExW
FindResourceExA
lstrcpynW
GetProcessHeap
HeapFree
GetModuleHandleA
CreateFileW
CloseHandle
EnumResourceNamesA
HeapDestroy
FindResourceA
GetStdHandle
GetVersionExA
LeaveCriticalSection
FindFirstFileW
GetSystemTime
SizeofResource
LoadLibraryW
SystemTimeToFileTime
HeapAlloc
WriteFile
TerminateProcess
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ