269e5ed7681d6894a4b8d0857b1d4b09_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

269e5ed7681d6894a4b8d0857b1d4b09_JaffaCakes118
Size

176KB
MD5

269e5ed7681d6894a4b8d0857b1d4b09
SHA1

5a75001783574be4677f0d334b05cbdba2c2d3db
SHA256

6829bb4a7f9f808935bea7ea3858a42381f90c92fb07fa4148efce096cacbbc4
SHA512

02a2b4a042cd6502c74a29f70a9abb3d994a79447d976c85b79beb202b476c66b75042544f7a3bcf8aa4199d1fde794cbe0dac0ef17f49824fe804c7b4204898
SSDEEP

3072:T3YFFL5yX0cdSIH0Sc0VMF4sVuccDH8eHo1H5xxFDEvef:T3YFFL5yXCgQEv+S6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
269e5ed7681d6894a4b8d0857b1d4b09_JaffaCakes118

Files

269e5ed7681d6894a4b8d0857b1d4b09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90763cbb976b2e75c295e0d1deac1970

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
SetFilePointer
GetCalendarInfoW
InitializeCriticalSection
RtlUnwind
HeapDestroy
HeapCreate
GetStartupInfoA
IsValidCodePage
SetEndOfFile
DeleteCriticalSection
GetCPInfo
VirtualFree
EnumResourceNamesA
RaiseException
EnterCriticalSection
FreeEnvironmentStringsA
HeapReAlloc
ExitProcess
LeaveCriticalSection
GetACP
GetOEMCP
ReadFile

rpcrt4

UuidCreate

ole32

CoGetMalloc
CoInitializeEx
CoUninitialize
CoCreateInstance
CoQueryProxyBlanket
CoSetProxyBlanket
CoTaskMemFree
CoInitializeSecurity
StringFromGUID2

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ