Static task: static1
Behavioral task: behavioral1
Sample: 85a2d07f4abd0668bf47295a56697eeb_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 85a2d07f4abd0668bf47295a56697eeb_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 85a2d07f4abd0668bf47295a56697eeb_JaffaCakes118
Size: 163KB
MD5: 85a2d07f4abd0668bf47295a56697eeb
SHA1: 97389251b13608d0069b450749e1ef664fcf5697
SHA256: d8165fdc75ed80426791298ca808c06f01b02ac6db90950260c3f552c96449e0
SHA512: 540a6ddbb28b2c05bd83e4da5d165cc9346262727bc3e71b5cbc1d7fd0a37814f12128f3fefb557799fb8175bcbc407a4870c25a4de2283b9701ab23219a2e2f
SSDEEP: 3072:fiEtGNgyOCA/+HpqAXjQLxon6nKJJYUROo0S/zKNe:LcZbAAXjcoJEUFz/Ye
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 85a2d07f4abd0668bf47295a56697eeb_JaffaCakes118
Files
85a2d07f4abd0668bf47295a56697eeb_JaffaCakes118.exe windows:4 windows x86 arch:x86
ccb647aaeff06f2ecc78cede1dfd1919
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
GetCalendarInfoW
LeaveCriticalSection
GetOEMCP
HeapSize
RaiseException
GetACP
InitializeCriticalSection
RtlUnwind
EnterCriticalSection
HeapDestroy
SetFilePointer
GetCPInfo
EnumResourceNamesA
IsValidCodePage
GetStartupInfoA
FreeEnvironmentStringsA
HeapReAlloc
ExitProcess
HeapCreate
SetEndOfFile
DeleteCriticalSection
ReadFile
ole32
CoGetMalloc
CoInitializeSecurity
CoTaskMemFree
CoQueryProxyBlanket
CoCreateInstance
CoInitializeEx
CoSetProxyBlanket
CoUninitialize
StringFromGUID2
rpcrt4
UuidCreate
Sections
.text Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ