1c6af67e2274de7e39dad33197e629ae_JaffaCakes118 | Triage

Sharing

General

Target

1c6af67e2274de7e39dad33197e629ae_JaffaCakes118
Size

184KB
MD5

1c6af67e2274de7e39dad33197e629ae
SHA1

8debd0ad88784177c05bd1f824666fd37b4f7842
SHA256

c4463a5ede4d4f2324cc034ff4e9a3dd4bd3bd07c894fa246c0b7cb053c094b3
SHA512

e987789759c9ab27a8dc13840867cf87bee57fe0c004ba6f2334180854a8f245761c463723a0c124a5d3b77826c3d8686e3a7b37aa0ddff03f991adc0ec7e3e9
SSDEEP

3072:WDUtvFo+jOCOYd1+2V/kF/qquU8i9yW4lNVK4pc2p:iUg+L1d1+CpquULOt9p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c6af67e2274de7e39dad33197e629ae_JaffaCakes118

Files

1c6af67e2274de7e39dad33197e629ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd7164f0c44ada8f8c27be58b8c47ed9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

user32

DestroyWindow
CreateDialogParamA
GetDlgItem
EnableWindow
IsDialogMessageA
IsWindow
ShowWindow
CheckDlgButton
SetWindowLongA
GetDlgItemTextA
ReleaseDC
SendMessageA
SetDlgItemTextA
MoveWindow
WinHelpA
UnregisterClassA
IsDlgButtonChecked
GetDialogBaseUnits
GetDC
CharNextA

shlwapi

PathFindExtensionA

kernel32

TerminateProcess
HeapCreate
FlushInstructionCache
VirtualFree
HeapDestroy
TlsAlloc
RtlUnwind
GetCommandLineA
SetLastError
ExitProcess
HeapReAlloc
IsBadWritePtr
GetProcAddress
SetLocaleInfoW
VirtualAlloc
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
ExitProcess
VirtualProtect

ole32

CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ