Static task: static1
Behavioral task: behavioral1
Sample: 4680bcf27672dd79ce59894990a7527c_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4680bcf27672dd79ce59894990a7527c_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 4680bcf27672dd79ce59894990a7527c_JaffaCakes118
Size: 167KB
MD5: 4680bcf27672dd79ce59894990a7527c
SHA1: 93963391c327752a51f3318d90f4687c84cc6f5d
SHA256: 7cf45da9ffc562f2dd58358bbafe2e37effab69744647d62b0abcec1f4de7405
SHA512: 4da115b5f583f6d1cf3ff1c30680e21ee291c803ccf40b6843465446d5264820d76c0b32d4b7591532c703d6bdb063974363baa50d5fe0035d2797082c6add45
SSDEEP: 3072:ZHBa6oUg5H0z35EPwFV6u0HYwe0K87x2hP7dw5P+py7OB1+eIpU:3JoUPTYz7cC5Qy78+
Malware Config
Signatures
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
resource: 4680bcf27672dd79ce59894990a7527c_JaffaCakes118
Files
4680bcf27672dd79ce59894990a7527c_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e8ff1fd144e6a75802bef53ac38172a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
kernel32
GetCalendarInfoW
LockResource
LoadResource
LoadLibraryExW
FindResourceExA
lstrcpynW
GetProcessHeap
HeapFree
GetModuleHandleA
CreateFileW
CloseHandle
EnumResourceNamesA
HeapDestroy
FindResourceA
GetStdHandle
GetVersionExA
LeaveCriticalSection
FindFirstFileW
GetSystemTime
SizeofResource
LoadLibraryW
SystemTimeToFileTime
HeapAlloc
WriteFile
TerminateProcess
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 90KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ