b72f1cc270bb6a51605a3e4c9cca21cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b72f1cc270bb6a51605a3e4c9cca21cf_JaffaCakes118
Size

372KB
MD5

b72f1cc270bb6a51605a3e4c9cca21cf
SHA1

a5ddd1af9460b853ace9fc082435ea1be45714ee
SHA256

d828adecd67615f2aef159dc1d0456ba24daf42ed6de23780098e3481f0f7c99
SHA512

9e6e2ad74a572d62efea68c9d74d0949a853f4a9b7650c1a4d28abf231a293454bacae545fdfe58a780526f00b75679e4969df36a65765eeea34224c763ceb16
SSDEEP

6144:h8etFyGOrX8WnEZ5kvNmpAa8YdQea9vGscXzF8Umv78VfE8oZQEsjZhCrzAf:RXy8LkvQpdbQea9vGscCU+zpsj7+sf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b72f1cc270bb6a51605a3e4c9cca21cf_JaffaCakes118

Files

b72f1cc270bb6a51605a3e4c9cca21cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ca6284de20e812c9f16b07fc3711eef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rtutils

TraceDumpExA

kernel32

FormatMessageW
GetLastError

ntdll

RtlAdjustPrivilege
NtAllocateVirtualMemory
RtlAddAccessAllowedObjectAce

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE