JaffaCakes118_67bf1721e967d81b2db6b59b4df8aba2 | Triage

Sharing

General

Target

JaffaCakes118_67bf1721e967d81b2db6b59b4df8aba2
Size

170KB
MD5

67bf1721e967d81b2db6b59b4df8aba2
SHA1

1e614e511e43fc8abddb8f3fa709f93374d96300
SHA256

23d0b01c42818f3fa9cfc90db71b0a921a16c11f330d95e698408ffba1cc8735
SHA512

102d0969416cb720d301d942c38a19ace0bb73297be12fb9f6213ace664a78e59ca081deaf017339dd62ea4ac238b1b322c5f37afdf9091dc9b04bfcf0e2472b
SSDEEP

3072:6iGifTBzP8Yxv9OuabnFezAu5INkmzasdh3p6CLYb5eelB+vs4:vNV7tq5ezp2zF33pW5eelB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_67bf1721e967d81b2db6b59b4df8aba2

Files

JaffaCakes118_67bf1721e967d81b2db6b59b4df8aba2
.exe windows:4 windows x86 arch:x86

d1d17f611519b3cc4e33ab1f836c1fe0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

kernel32

HeapAlloc
CreateFileW
GetCalendarInfoW
HeapDestroy
LoadLibraryExW
GetSystemTime
HeapSize
GetThreadLocale
EnumResourceNamesA
HeapFree
SystemTimeToFileTime
HeapReAlloc
FindFirstFileW
WriteFile
GetStdHandle
GetLocaleInfoA
LoadLibraryW
GetProcessHeap
CloseHandle
lstrcpynW

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ