67184d90eef8603e1571c80deb1f6e10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67184d90eef8603e1571c80deb1f6e10_JaffaCakes118
Size

166KB
MD5

67184d90eef8603e1571c80deb1f6e10
SHA1

1b6ed5db27184a1a143993ed0edb6201757f98ff
SHA256

4928d72945c63844f77bd183959f4b24e3b9eb8a4a5d4165b48faf739e5d6c5c
SHA512

e5d3741e7d8bfb85ae30aff7231b577417317e609c44a833a2da7a1a1b6038189cf0cf28c94e93ec0b73c1d77aa688ac757828235a806e1936337f0d9619cf03
SSDEEP

3072:vufEwW90LLrjzeNaDaW1S2XyabQNPxPHtHTk8cRB:2sF0eJW1rNbuFA8oB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67184d90eef8603e1571c80deb1f6e10_JaffaCakes118

Files

67184d90eef8603e1571c80deb1f6e10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b5ecebbdbe9a76f441a2b4166d1b731

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoCreateInstance
CoInitializeSecurity
CoQueryProxyBlanket
CoInitializeEx
CoTaskMemFree
CoUninitialize
CoSetProxyBlanket
StringFromGUID2

rpcrt4

UuidCreate

kernel32

SetEndOfFile
HeapSize
DeleteCriticalSection
GetCalendarInfoW
IsValidCodePage
ReadFile
ExitProcess
VirtualAlloc
GetACP
GetStartupInfoA
GetCPInfo
EnumResourceNamesA
SetFilePointer
HeapReAlloc
FreeEnvironmentStringsA
RaiseException
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
RtlUnwind
VirtualFree
GetOEMCP
HeapCreate
InitializeCriticalSection
SetEnvironmentVariableA

user32

CreateWindowExW
DestroyWindow
SendMessageA
IsWindow
GetDlgItem
EnumChildWindows
GetWindowThreadProcessId

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ