Static task: static1
Behavioral task: behavioral1
Sample: 1180160701dd3e3f98f63ec587e7f402_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 1180160701dd3e3f98f63ec587e7f402_JaffaCakes118
Size: 181KB
MD5: 1180160701dd3e3f98f63ec587e7f402
SHA1: 314e92cd415b08ab9a8ee322163a24d83bf3f932
SHA256: 32ea0d44e2002d53e343df4cd39970c75b0e159ba2fcd0eacfb84e10dc48914b
SHA512: 462335043b75f3ac29e1e5fb4fa6fbd2eddc739d496b853b2bbc930d02d5b0e6fe3dd064596294f31813a20dca9bbd2f3a8866e0ba15bccafcf2741bc68cd339
SSDEEP: 3072:wDgOPGa/7oIt/LcBswZIhfNo7sqnxE7QsxmfWSg:wD57LL7fS7sAE7fUbg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1180160701dd3e3f98f63ec587e7f402_JaffaCakes118
Files
1180160701dd3e3f98f63ec587e7f402_JaffaCakes118.exe windows:4 windows x86 arch:x86
b84beef4456bb46a6044df7ba013e3b0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
kernel32
GetCPInfo
GetCalendarInfoW
ReadFile
GetOEMCP
InitializeCriticalSection
HeapReAlloc
IsValidCodePage
RaiseException
GetACP
RtlUnwind
EnumResourceNamesA
HeapSize
EnterCriticalSection
VirtualFree
FreeEnvironmentStringsA
LeaveCriticalSection
VirtualAlloc
ExitProcess
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
SetFilePointer
SetEndOfFile
SetEnvironmentVariableA
rpcrt4
UuidCreate
ole32
CoGetMalloc
CoInitializeSecurity
CoQueryProxyBlanket
CoInitializeEx
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
StringFromGUID2
Sections
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ