Static task
static1
Behavioral task
behavioral1
Sample
22105e3688382266603f3255dc9a7c99_JaffaCakes118.exe
Resource
win7-20231129-en
General
Target
22105e3688382266603f3255dc9a7c99_JaffaCakes118
Size
171KB
MD5
22105e3688382266603f3255dc9a7c99
SHA1
16ace43ca2ddc6997d68c01e482f33f43dfd2b63
SHA256
d5509dbb0465c062ee475e8c298c9b426054c8deb76d7be628ee58073a820f8d
SHA512
2694921297d14c1864f9aeef45cfd1e53e6136e03ab8678ed4fdb36ebf6606c11a3b09bf87d60dbd73671744e4a5fa7a49b8144e79139ba875d449e79fead565
SSDEEP
3072:zMgXqH9i3gzIV/K/5fcFg9xQ4fdV4114i2Od9/7ohsnRSB24LepF:zMddi3gkc5UgPw14i19joh524CpF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 22105e3688382266603f3255dc9a7c99_JaffaCakes118
Files
22105e3688382266603f3255dc9a7c99_JaffaCakes118.exe windows:4 windows x86 arch:x86
efe1015fd92054cb73484196a3cd854b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
UuidCreate
oleacc
LresultFromObject
CreateStdAccessibleObject
kernel32
GetCalendarInfoW
SetEndOfFile
HeapDestroy
VirtualAlloc
InitializeCriticalSection
IsValidCodePage
SetFilePointer
HeapReAlloc
GetACP
RtlUnwind
HeapSize
EnumResourceNamesA
DeleteCriticalSection
ExitProcess
HeapCreate
GetCPInfo
FreeEnvironmentStringsA
ReadFile
LeaveCriticalSection
RaiseException
VirtualFree
GetOEMCP
GetStartupInfoA
EnterCriticalSection
SetEnvironmentVariableA
ole32
CoGetMalloc
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
CoQueryProxyBlanket
StringFromGUID2
Sections
.text Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ