969524ec79d97744677e268edb3c57a6_JaffaCakes118 | Triage

Sharing

General

Target

969524ec79d97744677e268edb3c57a6_JaffaCakes118
Size

166KB
MD5

969524ec79d97744677e268edb3c57a6
SHA1

55fbd1b7b554d6f4a0e9100911810f055e95250a
SHA256

3c26bc56746e332d1a49c044732ee065de172934f05d7dc73510718560b20325
SHA512

6e3ea4ff78ee7dc70f2cea31a5164be9ee3c9d942dff38f1ea068f023725f67ad8d260ee78676aedff89ca30c9501326c4408977ee36134ccea3bebe10054f45
SSDEEP

3072:mTN49AHExCCAQYNaz0ZCm3BhsHA4rwozQqjhEt+ov:zbxlvz0ZCoYwIjzov

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
969524ec79d97744677e268edb3c57a6_JaffaCakes118

Files

969524ec79d97744677e268edb3c57a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a499c169f69a301ac2da3469ec255ef1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

rpcrt4

UuidCreate

ole32

CoGetMalloc
CoQueryProxyBlanket
CoInitializeEx
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity
CoTaskMemFree
StringFromGUID2

kernel32

IsValidCodePage
GetCalendarInfoW
RaiseException
GetStartupInfoA
SetEndOfFile
GetACP
ReadFile
HeapReAlloc
DeleteCriticalSection
HeapCreate
SetFilePointer
EnumResourceNamesA
InitializeCriticalSection
HeapSize
GetOEMCP
VirtualAlloc
GetCPInfo
FreeEnvironmentStringsA
RtlUnwind
EnterCriticalSection
HeapDestroy
LeaveCriticalSection
VirtualFree
ExitProcess
SetEnvironmentVariableA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ