Static task
static1
Behavioral task
behavioral1
Sample
0c8df34490fc0a3281b36e8c1d6dbf74_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0c8df34490fc0a3281b36e8c1d6dbf74_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0c8df34490fc0a3281b36e8c1d6dbf74_JaffaCakes118
Size
166KB
MD5
0c8df34490fc0a3281b36e8c1d6dbf74
SHA1
b45a140b19e1d421eeeb189d4f8d541a800d2958
SHA256
93e56e010faaee4e8590ac1f973dacc7afa43a1bd6312b706d76bf9db0634113
SHA512
c4bf6ec56278666225da39952669c29fd7c8343b9a51d80b281cb067418ef6f8e56f30170af8b419971a3c0b43cf3d0c54524b6489a6f277570d939dfee9eeb2
SSDEEP
3072:odyFycPVTWLdupWlepj7XYd9xWCW9ohg4U2p7USYF09:rYuB0dJlepj7c9UCMoyNkvm0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c8df34490fc0a3281b36e8c1d6dbf74_JaffaCakes118
Files
0c8df34490fc0a3281b36e8c1d6dbf74_JaffaCakes118.exe windows:4 windows x86 arch:x86
836167376f1cbb9d038993a0bac8bd75
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoUninitialize
CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoTaskMemFree
CoQueryProxyBlanket
CoCreateInstance
StringFromGUID2
kernel32
GetCalendarInfoW
GetStartupInfoA
LeaveCriticalSection
HeapReAlloc
IsValidCodePage
InitializeCriticalSection
RaiseException
RtlUnwind
DeleteCriticalSection
EnterCriticalSection
HeapCreate
EnumResourceNamesA
VirtualFree
HeapDestroy
ExitProcess
GetACP
GetCPInfo
FreeEnvironmentStringsA
SetEndOfFile
SetFilePointer
GetOEMCP
HeapSize
ReadFile
oleacc
LresultFromObject
CreateStdAccessibleObject
rpcrt4
UuidCreate
Sections
.text Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ