Static task: static1
Behavioral task: behavioral1
Sample: 3939713c4200722f085975229e6427f4_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 3939713c4200722f085975229e6427f4_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 3939713c4200722f085975229e6427f4_JaffaCakes118
Size: 167KB
MD5: 3939713c4200722f085975229e6427f4
SHA1: 1cac3efca2df0a33909a848c766b64ee036ddfa6
SHA256: 7f66ea5ee286960fd097be0fc39b5abb85d2ceb2c1e6a80eedfe147ed0fcdf48
SHA512: 63db88bd65b59778f1b621e7834e114c5ee64cafe12210c5fa5c6acb682e5fe31413ea1f476675453057c50469de6c43bd5efc106f9e10ceeacd4445cf8a88ad
SSDEEP: 3072:tf2Zps1JNGd2ftNSqXt8xKknIBfgK5OfUV6D5nT/gLTFNhG/2VG78W0:YZpsEBqXtEIGsOfjn7gVfe2VjW0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3939713c4200722f085975229e6427f4_JaffaCakes118
Files
3939713c4200722f085975229e6427f4_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e77bd0cb86d4d8589c4339426db1d6b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCalendarInfoA
FindResourceA
LeaveCriticalSection
LoadResource
LoadLibraryExW
GetVersionExA
CreateFileW
GetProcessHeap
GetModuleHandleA
HeapFree
WriteFile
LoadLibraryW
EnumResourceNamesA
GetSystemTime
FindResourceExA
GetStdHandle
HeapDestroy
FindFirstFileW
SizeofResource
SystemTimeToFileTime
CloseHandle
HeapAlloc
LockResource
lstrcpynW
TerminateProcess
oleacc
LresultFromObject
CreateStdAccessibleObject
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
Sections
.text Size: 90KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ