76a52581725f7e6e29fc9b5fda251e47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76a52581725f7e6e29fc9b5fda251e47_JaffaCakes118
Size

154KB
MD5

76a52581725f7e6e29fc9b5fda251e47
SHA1

b922b4a6b3e4b9a5c45ddd2b2cadf7173f9d041a
SHA256

e978c10454d00375388009edad41fe2b50b37bf68cd0ba7d9e047e942646005d
SHA512

46dde901cc183ef22729ad52dd508178043dee7986e1f42b72f06d2034a06e6b7377b9f9686cd5087b843deb970516cf198728e4254165eaec60cc44494973b9
SSDEEP

3072:5W74Xt/i0xBebAAcrU7oCtbBCYCIXbbeKxrjIjhIFh4HalmlNXBSpJ:5W7OZi0xB3Mb+I2KxPGIFh46lmjcH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76a52581725f7e6e29fc9b5fda251e47_JaffaCakes118

Files

76a52581725f7e6e29fc9b5fda251e47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42d36f3d543e02604a75f469e1cab3e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleA

kernel32

GetVersionExW
HeapFree
HeapAlloc
CreateToolhelp32Snapshot
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
GlobalFree

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarUI4FromDec
SysFreeString

Sections

.text
Size: 84KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 298B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ