Static task: static1
Behavioral task: behavioral1
Sample: 3781dd614f3c068304306eee48a3115b_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3781dd614f3c068304306eee48a3115b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3781dd614f3c068304306eee48a3115b_JaffaCakes118
Size: 170KB
MD5: 3781dd614f3c068304306eee48a3115b
SHA1: 740a559f7e5b2d41d558a51822bb7a2f726f63a9
SHA256: f8ea927326ed35ed73e91dde6d097ff7463eccbf3fa9383dc6b9b6709e557d4f
SHA512: 33ca7141bf718575ffd45e7e025965b1f8768e5f78cdba6b13839ed26df2959b07bbd262fb81399d59389eba9d34cb3aa0634c2b12a0736ce5b293444c9488ae
SSDEEP: 3072:T8GTz/JX5BC/DXDl4sggpY7RDbfCMK51VJ5xEP1DYGnSkprg:TZTzBX5Be/esMXfCvJjc1DYRkpc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3781dd614f3c068304306eee48a3115b_JaffaCakes118
Files
3781dd614f3c068304306eee48a3115b_JaffaCakes118.exe windows:4 windows x86 arch:x86
1046fe1a181ce900d0ee38dc18c9331f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoInitializeSecurity
CoQueryProxyBlanket
StringFromGUID2
rpcrt4
UuidCreate
kernel32
RaiseException
LeaveCriticalSection
GetCalendarInfoW
IsValidCodePage
VirtualFree
ExitProcess
SetEndOfFile
HeapDestroy
GetCPInfo
HeapSize
EnterCriticalSection
SetFilePointer
GetStartupInfoA
EnumResourceNamesA
FreeEnvironmentStringsA
HeapReAlloc
GetOEMCP
GetACP
DeleteCriticalSection
InitializeCriticalSection
HeapCreate
RtlUnwind
ReadFile
Sections
.text Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ