355ec97b5527357135df1b7e68b99da2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

355ec97b5527357135df1b7e68b99da2_JaffaCakes118
Size

155KB
MD5

355ec97b5527357135df1b7e68b99da2
SHA1

65f09905853c65b5c40f933468078b50b0dd8d2e
SHA256

13731f49bfe0fecbe4a1e24ba759dd7627bc9c5c595e6019f3fb8bf9674cafae
SHA512

c81ec687d67424ffe7bfd7e03e276b6c5edd314fd0bbcfbd03ccac4e995d2284444aca52dd7f68085aa48beee4cd785031d92655f51eddc065888967c10be5ab
SSDEEP

3072:Xl8USb4VtNR26XswyuCLgfHlF2sbWmDEE4GK/KY6r2du7xF/0iqcLAY:1McFR268+CL6lssbJGxZdkxZ0B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
355ec97b5527357135df1b7e68b99da2_JaffaCakes118

Files

355ec97b5527357135df1b7e68b99da2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d79b94d6d15eb3d4747f248603b73dd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleA

kernel32

GetVersionExW
FormatMessageW
InterlockedDecrement
LZOpenFileW
InterlockedIncrement
CreateFileW
CloseHandle
LocalAlloc
GetLocaleInfoW
GetComputerNameW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
InterlockedExchange
OpenProcess
GetModuleFileNameW

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarUI4FromDec
SysFreeString

Sections

.text
Size: 99KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ