faa674f85eb7b8fa5f4817e573bb2a37_JaffaCakes118 | Triage

Sharing

General

Target

faa674f85eb7b8fa5f4817e573bb2a37_JaffaCakes118
Size

180KB
MD5

faa674f85eb7b8fa5f4817e573bb2a37
SHA1

450c95f84b88f89c01efad5ca3ed9a8706eecd6d
SHA256

6be102ea5e555ee5ca772def01180a8d52648c8a73f0b4389cdcd88974a5e756
SHA512

7312e4fc833b4013aa5c2b0e19d0f185d2b35f5d3c7b7b318d9a5a77e38b8175c59536af93c783674587ba30cbc526f64e8aa0d1f310dcf99e41ee88c792e984
SSDEEP

3072:9KlVa/TUW+W/kn7JiCHJ/IAiTq6k6h/Q3xAV2Do2lILEICeXUewhsS7aS2:ewTwiMJ/IAiZUx22mCEPysS7af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa674f85eb7b8fa5f4817e573bb2a37_JaffaCakes118

Files

faa674f85eb7b8fa5f4817e573bb2a37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

956277d755e3849381c54a85c0eed6e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetCalendarInfoW
GetThreadLocale
GetLocaleInfoA
HeapDestroy
GetSystemTime
SystemTimeToFileTime
HeapAlloc
CloseHandle
HeapFree
WriteFile
EnumResourceNamesA
FindFirstFileW
GetProcessHeap
GetStdHandle
LoadLibraryW
HeapReAlloc
LoadLibraryExW
HeapSize
CreateFileW
lstrcpynW

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ