JaffaCakes118_306ddef8dd05ca4da80890839bbcaa7d | Triage

Sharing

General

Target

JaffaCakes118_306ddef8dd05ca4da80890839bbcaa7d
Size

170KB
MD5

306ddef8dd05ca4da80890839bbcaa7d
SHA1

6908c0407cd8f3042ab09a74ff752947dc71c9d5
SHA256

0b5ed9179e3a25ef6d9ee8504293c96b9cbc1c3cdc3cad8b46d1083e089be9db
SHA512

a40c12742f4690b56ae959fb9370eb84da894c387eaa920a19a01549d37df807433a10800aebe4210e9bc90b8d6cbdac5b0b34509d23d0b52fdb5c7302e374d8
SSDEEP

3072:6iGifTBzP8Yxv9OuabnFezAu5INkmzasdh3p6CLYb5eelB+vs4:vNV7tq5ezp2zF33pW5eelB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_306ddef8dd05ca4da80890839bbcaa7d

Files

JaffaCakes118_306ddef8dd05ca4da80890839bbcaa7d
.exe windows:4 windows x86 arch:x86

d1d17f611519b3cc4e33ab1f836c1fe0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

kernel32

HeapAlloc
CreateFileW
GetCalendarInfoW
HeapDestroy
LoadLibraryExW
GetSystemTime
HeapSize
GetThreadLocale
EnumResourceNamesA
HeapFree
SystemTimeToFileTime
HeapReAlloc
FindFirstFileW
WriteFile
GetStdHandle
GetLocaleInfoA
LoadLibraryW
GetProcessHeap
CloseHandle
lstrcpynW

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ