a0ebb4580c29b163bc605e3d11aadbb3_JaffaCakes118 | Triage

Sharing

General

Target

a0ebb4580c29b163bc605e3d11aadbb3_JaffaCakes118
Size

166KB
MD5

a0ebb4580c29b163bc605e3d11aadbb3
SHA1

ed439861b897d9725a746a9ca15cecb1e14502b7
SHA256

07b3378a9663e0870378318194c399c2d4913af4adb96fd219c41148fea741b7
SHA512

7e1daffdc89da5bcaedcfef00e1f435598b4e687b1b3831772c780b43544d6df278e172cd97609432f08aa37d555163e25ce206f69f019dc0487319ea3041b71
SSDEEP

3072:6t7tz8Rlr0pfEbHnLd5t1wDziEM+nFnOK5tF3MbQpkJbnV+0A:6t7QYMrxfyiExO23IQu98

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0ebb4580c29b163bc605e3d11aadbb3_JaffaCakes118

Files

a0ebb4580c29b163bc605e3d11aadbb3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40b6d76791bd9babdc2687eea8f8d7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoInitializeEx
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoQueryProxyBlanket
CoTaskMemFree
StringFromGUID2

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

GetCPInfo
GetCalendarInfoW
GetACP
SetEndOfFile
SetFilePointer
RtlUnwind
VirtualFree
HeapSize
VirtualAlloc
HeapReAlloc
RaiseException
ReadFile
EnumResourceNamesA
InitializeCriticalSection
FreeEnvironmentStringsA
DeleteCriticalSection
IsValidCodePage
EnterCriticalSection
GetStartupInfoA
HeapCreate
GetOEMCP
ExitProcess
LeaveCriticalSection
HeapDestroy
SetEnvironmentVariableA

rpcrt4

UuidCreate

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ