Static task: static1
Behavioral task: behavioral1
Sample: 53485c4f5daea756a7750a919ad592a9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 53485c4f5daea756a7750a919ad592a9_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 53485c4f5daea756a7750a919ad592a9_JaffaCakes118
Size: 210KB
MD5: 53485c4f5daea756a7750a919ad592a9
SHA1: 14a126fd117d7e8cfd2a88490221299db47d8379
SHA256: 6747cdb9c509c5d8bfd33db29919d743ac4daca97776b9dc951e38df229db6d7
SHA512: 9790e78f6aea938dd4d900efc1ae2e56b656f41c67fae9a971feb14a5d6f7a12ace6eb0cac2e8244924c50643337651d699e60b37c17cdd868836d95f31106f2
SSDEEP: 6144:nR7b+tcvOBbfin8bo/JYEjHTdo3GzKEpw:nR7ieQbfxE/JYECYp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 53485c4f5daea756a7750a919ad592a9_JaffaCakes118
Files
53485c4f5daea756a7750a919ad592a9_JaffaCakes118.exe windows:4 windows x86 arch:x86
eb3350ec20a9b0c1907c873e156f6146
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
GetProcessHeap
GetCalendarInfoA
HeapAlloc
HeapDestroy
SizeofResource
CreateFileW
GetModuleHandleA
GetSystemTime
LeaveCriticalSection
HeapFree
EnumResourceNamesA
LoadLibraryExW
lstrcpynW
FindFirstFileW
LockResource
WriteFile
FindResourceExA
GetStdHandle
SystemTimeToFileTime
LoadLibraryW
CloseHandle
GetVersionExA
LoadResource
TerminateProcess
ole32
CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
shlwapi
PathFileExistsA
PathFileExistsW
StrStrIW
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 115KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ