24d2f26dd2cb55c954655ee4d6d876d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24d2f26dd2cb55c954655ee4d6d876d9_JaffaCakes118
Size

174KB
MD5

24d2f26dd2cb55c954655ee4d6d876d9
SHA1

9a733ec7627c760080c84d1386c0d6c8c4216f99
SHA256

45fbe86fa0ea71a501c57366a6f38dd894332c01467f3ac15e123322d2fbd71f
SHA512

4024539884cca06dcbf726faf268427e32b9c4e4df9ad99c96f47d6261b9f4b15c97249d112ab369f3144eb1ebe92b36f29d579b5c4822b0b8e4a8baa3c22d97
SSDEEP

3072:r4qsTGRchubwUL7C2Ku7VbFNE1powPB/0l2bA6z25Gj2Y:JsTGRchuEM+2RVbLi4Grj2Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24d2f26dd2cb55c954655ee4d6d876d9_JaffaCakes118

Files

24d2f26dd2cb55c954655ee4d6d876d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b1fc557eab21ac9849706498ac09cb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
LeaveCriticalSection
GetStartupInfoA
ExitProcess
GetACP
RtlUnwind
SetEndOfFile
HeapCreate
ReadFile
DeleteCriticalSection
RaiseException
EnumResourceNamesA
HeapSize
GetCPInfo
IsValidCodePage
SetFilePointer
FreeEnvironmentStringsA
GetOEMCP
HeapReAlloc
InitializeCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
SetEnvironmentVariableA

rpcrt4

UuidCreate

ole32

CoGetMalloc
CoQueryProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoSetProxyBlanket
StringFromGUID2

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ