2b6783de60195144f1afde3a20857db9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b6783de60195144f1afde3a20857db9_JaffaCakes118
Size

175KB
MD5

2b6783de60195144f1afde3a20857db9
SHA1

00ced93f77aaa476f1900902e41120a5db617052
SHA256

c37c2d1bd27cb91a26222367bfcc21751ed3533507600b9577cac2d28e3b8482
SHA512

332e3045077a1d9dfb675caaac1fd9aeaa8c87bc07eec3898719933aa069c41f61175eb182349b371cee6c5eca27f80852f6e53154247039c64159b0c83364e3
SSDEEP

3072:O7Oy2H0dpLIQifgRLAAV3MOiwemuODraPpX/FHIdFb6Pt/hN2cxr93g6lF:WOkLFugLMOi2ucrIjodFc/hNxxu6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b6783de60195144f1afde3a20857db9_JaffaCakes118

Files

2b6783de60195144f1afde3a20857db9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d944918a9c757732a56943c51dedf3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
HeapSize
GetCalendarInfoW
IsValidCodePage
GetACP
RaiseException
HeapCreate
ExitProcess
GetOEMCP
SetEndOfFile
HeapReAlloc
VirtualFree
EnumResourceNamesA
VirtualAlloc
SetFilePointer
ReadFile
FreeEnvironmentStringsA
EnterCriticalSection
GetStartupInfoA
GetCPInfo
RtlUnwind
HeapDestroy
DeleteCriticalSection
SetEnvironmentVariableA

ole32

CoGetMalloc
CoInitializeEx
CoQueryProxyBlanket
CoCreateInstance
CoTaskMemFree
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity
StringFromGUID2

oleacc

LresultFromObject
CreateStdAccessibleObject

rpcrt4

UuidCreate

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ