061fc68c82caf1314c67c432566b0f78_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

061fc68c82caf1314c67c432566b0f78_JaffaCakes118
Size

174KB
MD5

061fc68c82caf1314c67c432566b0f78
SHA1

d9dc713ebaa4a5d09c79f2955b6b9a84bcbb9d09
SHA256

cb7fb2fabd5f48a6014ae3cc2e4e0cc32aecb511f30a60d362c1163e3d54a002
SHA512

cddbd3555cdb69ffd8f45935c44bebbd108384e42ef25f2391e1cd3072a193a3a935d1579fd225957d743b9a28c24e8b162a28942dcb6f1babc6ecb2035336df
SSDEEP

3072:hnfTdsEAq9jbklYOD9EX5eFxxqr6JCUobcHSy:KarpN61Ac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
061fc68c82caf1314c67c432566b0f78_JaffaCakes118

Files

061fc68c82caf1314c67c432566b0f78_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47b88909c8de398ebf6e116c8aeb3e14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetCalendarInfoW
DeleteCriticalSection
RtlUnwind
IsValidCodePage
VirtualFree
EnterCriticalSection
ReadFile
LeaveCriticalSection
GetACP
HeapReAlloc
HeapCreate
EnumResourceNamesA
GetCPInfo
FreeEnvironmentStringsA
GetOEMCP
HeapSize
GetStartupInfoA
InitializeCriticalSection
VirtualAlloc
SetEndOfFile
HeapDestroy
RaiseException
ExitProcess
SetEnvironmentVariableA

oleacc

LresultFromObject
CreateStdAccessibleObject

rpcrt4

UuidCreate

ole32

CoGetMalloc
CoCreateInstance
CoQueryProxyBlanket
CoTaskMemFree
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity
CoInitializeEx
StringFromGUID2

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ