JaffaCakes118_63a64fab1dcd6d59778659d433304664 | Triage

Sharing

General

Target

JaffaCakes118_63a64fab1dcd6d59778659d433304664
Size

175KB
MD5

63a64fab1dcd6d59778659d433304664
SHA1

e7db1b5fc5cbc531dbc19fc18082a77ef04a8fbe
SHA256

c7374243439e3c3c8255d16edc4b4bc88d58ce41852b8fc231410d30443093c6
SHA512

a5148019a28e1fdec192bfc0c48242a98c86065ef814f9afaba67ba103c1443b633416c2f24d03067665297a60e6702298b94abe440d681119dc7656da25dc88
SSDEEP

3072:eyhMAEU+IpLrMRWZnXGadK6PeYpNkpLPqeKP4Hgtr4LcSu0iSjqUU1:eSCURauGUFUcSu0iSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_63a64fab1dcd6d59778659d433304664

Files

JaffaCakes118_63a64fab1dcd6d59778659d433304664
.exe windows:4 windows x86 arch:x86

1d2e6569093746050b2e59e4a9c4a187

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetCalendarInfoW
SystemTimeToFileTime
WriteFile
HeapSize
GetSystemTime
GetLocaleInfoA
GetStdHandle
EnumResourceNamesA
GetProcessHeap
HeapDestroy
GetThreadLocale
FindFirstFileW
LoadLibraryExW
CreateFileW
HeapFree
CloseHandle
HeapAlloc
LoadLibraryW
lstrcpynW

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ