Static task: static1
Behavioral task: behavioral1
Sample: bfb5c48a1a02bd57c826b0f66c94e6b2_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: bfb5c48a1a02bd57c826b0f66c94e6b2_JaffaCakes118
Size: 181KB
MD5: bfb5c48a1a02bd57c826b0f66c94e6b2
SHA1: acf562fd9d23293e052eb3017acdb4363c7a60ea
SHA256: aabbdfb8b2a01dc4981dcd6bf058a130c36ad76aa3273285bdeec5873ad81e6e
SHA512: 34d2709970ff770acb3104bbd00ff87af2c0ff6edf9dfdbc912f62f1577a041b71ba0679d87acc8090e29e23be3d0536a6f5a65f4210fc455bf753382e8205be
SSDEEP: 3072:txiwKWK2L2taUJY3CdRFedQMmDOM8twoerdYhCO1p4khwxwXjna0:3FfLKaUJY/dlCObtwxQWruna
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bfb5c48a1a02bd57c826b0f66c94e6b2_JaffaCakes118
Files
bfb5c48a1a02bd57c826b0f66c94e6b2_JaffaCakes118.exe windows:4 windows x86 arch:x86
33d12d4b407cde33d21a9cb88b1948e4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
  LresultFromObject
  CreateStdAccessibleObject
rpcrt4
  UuidCreate
kernel32
  IsValidCodePage
  HeapDestroy
  DeleteCriticalSection
  GetCalendarInfoW
  SetEndOfFile
  HeapReAlloc
  RtlUnwind
  LeaveCriticalSection
  EnterCriticalSection
  GetCPInfo
  EnumResourceNamesA
  SetFilePointer
  ExitProcess
  ReadFile
  GetACP
  FreeEnvironmentStringsA
  HeapSize
  RaiseException
  InitializeCriticalSection
  GetOEMCP
  HeapCreate
  VirtualAlloc
  GetStartupInfoA
  VirtualFree
  SetEnvironmentVariableA
ole32
  CoGetMalloc
  CoInitializeSecurity
  CoSetProxyBlanket
  CoTaskMemFree
  CoInitializeEx
  CoQueryProxyBlanket
  CoUninitialize
  CoCreateInstance
  StringFromGUID2
Sections
.text Size: 103KB - Virtual size: 102KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.bss Size: 75KB - Virtual size: 74KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 124KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ