22616cd11e8369815965211071778a31_JaffaCakes118 | Triage

Sharing

General

Target

22616cd11e8369815965211071778a31_JaffaCakes118
Size

186KB
MD5

22616cd11e8369815965211071778a31
SHA1

dcd4aa5174031c97ad5a16aea0f3ca201412d295
SHA256

84b1532207c2c125388f8f576708b96bacc3dd31de9c41f64edf0a083cf9f1a3
SHA512

f10832b8701e2ee5355a5b641f5a0cc96b2d9dd7986c4082f9008df32631084c82acca2bf46af02b3b6505ce41948e02dea1d8024ab06a0800f07cf53d1924f4
SSDEEP

3072:6IJ08+joCgu6ODtWgpwX11JXKHgGNfhKeG/4IlEVDnx7M9FPaQS8UpyZPS3ekq24:6IS8wR6rJpKAGNfMRCLmnaV8Iyp63q2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22616cd11e8369815965211071778a31_JaffaCakes118

Files

22616cd11e8369815965211071778a31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2d29a8867b600ca2e882e4bcd139b7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

user32

GetDlgItem
MoveWindow
CheckDlgButton
IsWindow
DestroyWindow
CreateDialogParamA
IsDialogMessageA
WinHelpA
SetWindowLongA
IsDlgButtonChecked
EnableWindow
GetDlgItemTextA
GetDialogBaseUnits
SendMessageA
ShowWindow
UnregisterClassA
SetDlgItemTextA
GetDC
ReleaseDC
CharNextA

kernel32

SetUnhandledExceptionFilter
FlushInstructionCache
VirtualAlloc
ExitProcess
IsBadWritePtr
GetSystemInfo
VirtualFree
TlsAlloc
ExitProcess
VirtualQuery
HeapDestroy
GetProcAddress
TerminateProcess
SetLocaleInfoW
GetCommandLineA
HeapReAlloc
SetLastError
HeapCreate
RtlUnwind
VirtualProtect

shlwapi

PathFindExtensionA

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ