Static task: static1
Behavioral task: behavioral1
Sample: d38b569dfbae1265fe97df743752fde9_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d38b569dfbae1265fe97df743752fde9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d38b569dfbae1265fe97df743752fde9_JaffaCakes118
Size: 195KB
MD5: d38b569dfbae1265fe97df743752fde9
SHA1: a0e00e41dc99064b3337c21aa59f6f7c46251331
SHA256: c077eca5543e22ac385c9b76d3df1b7db65411991b895b1b35332a44d4fbc349
SHA512: 0555d5e8632b4aa706f4fe3813414651baac066f9df04bd281df1ef4924fef5e9b2bb638881510a2383bb4ba0ed2d79e7a0d074f2d52c7f157dee2d96c632353
SSDEEP: 6144:5uNIuQ/vkDidy9xHxUzr7qqu7eUNSXOf:5ws/MDr/R87Fu7oXOf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d38b569dfbae1265fe97df743752fde9_JaffaCakes118
Files
d38b569dfbae1265fe97df743752fde9_JaffaCakes118.exe windows:4 windows x86 arch:x86
2df2f3e920b75cfc9dfcf307d8de388c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
GetCalendarInfoW
DeleteCriticalSection
RaiseException
HeapReAlloc
GetOEMCP
IsValidCodePage
SetEndOfFile
ExitProcess
GetCPInfo
InitializeCriticalSection
SetFilePointer
EnumResourceNamesA
VirtualFree
GetACP
HeapDestroy
RtlUnwind
FreeEnvironmentStringsA
HeapSize
HeapCreate
EnterCriticalSection
LeaveCriticalSection
ReadFile
rpcrt4
UuidCreate
oleacc
LresultFromObject
CreateStdAccessibleObject
ole32
CoGetMalloc
CoInitializeSecurity
CoUninitialize
CoTaskMemFree
CoSetProxyBlanket
CoQueryProxyBlanket
CoInitializeEx
CoCreateInstance
StringFromGUID2
Sections
.text Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ