1183da19c5f4d66f803553e521ec4a06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1183da19c5f4d66f803553e521ec4a06_JaffaCakes118
Size

165KB
MD5

1183da19c5f4d66f803553e521ec4a06
SHA1

ad613511ced356224a70eeab484f471c8759bf70
SHA256

c823fcb1b2b0ad9096b5c665e624152043893fbc4d9ba8bf84ae6bba9093af23
SHA512

06174c975e6c4d88de16e17ac412ae6443dfa65887978eccc436c3f4190f1c7a9a81a5d16a5cc2cb6ad2d42e6c3917617cb1383638d15efa4c59acf4de38ede0
SSDEEP

3072:LsgGuAMVTW75agDeWdLXYZ1EhlpYp8nZpRQngujz9Ce4IVHQiqMb:ocAkStVeWdwSlGUZjykIVw1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1183da19c5f4d66f803553e521ec4a06_JaffaCakes118

Files

1183da19c5f4d66f803553e521ec4a06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84ef532065a15242175d3a7ddd4fbd56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoGetMalloc
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoQueryProxyBlanket
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
StringFromGUID2

kernel32

GetStartupInfoA
HeapDestroy
HeapReAlloc
GetCalendarInfoW
RaiseException
ExitProcess
GetOEMCP
GetACP
RtlUnwind
HeapSize
InitializeCriticalSection
SetFilePointer
HeapCreate
EnumResourceNamesA
GetCPInfo
FreeEnvironmentStringsA
VirtualFree
LeaveCriticalSection
IsValidCodePage
EnterCriticalSection
SetEndOfFile
DeleteCriticalSection
ReadFile

rpcrt4

UuidCreate

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ