2f3efdd3a5448d2c1f2d12d12fe5d6d9_JaffaCakes118 | Triage

Sharing

General

Target

2f3efdd3a5448d2c1f2d12d12fe5d6d9_JaffaCakes118
Size

183KB
MD5

2f3efdd3a5448d2c1f2d12d12fe5d6d9
SHA1

a2c69088daf6f781718ec65af50ad434c2b16ebb
SHA256

7d2c3321c5bdc2bab6e750f56bba8627b823fd30947cd43013e22163d6e40c11
SHA512

1439aef40471f5e7fadef543f4074e8e6cadc6c8877c20f86fbe4bc3a912858942896a99cbbb540f2828b4d3e0c2ae466bff3b987033dd5460ff04b43315d2f1
SSDEEP

3072:VRUicGA0U0vg2yh7n2t0oTqaQKx2kU54Fyaw0b7vkJciwxNvrJHKmDVe3:RcGngxV+qzK4ke/O9D9DDVe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f3efdd3a5448d2c1f2d12d12fe5d6d9_JaffaCakes118

Files

2f3efdd3a5448d2c1f2d12d12fe5d6d9_JaffaCakes118
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

f40685f467a260289dfcce482210c221

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

GetACP
InitializeCriticalSection
GetCalendarInfoW
HeapReAlloc
DeleteCriticalSection
HeapCreate
RtlUnwind
IsValidCodePage
VirtualFree
HeapDestroy
RaiseException
GetStartupInfoA
LeaveCriticalSection
EnumResourceNamesA
FreeEnvironmentStringsA
GetOEMCP
ExitProcess
SetEndOfFile
EnterCriticalSection
GetCPInfo
HeapSize
SetFilePointer
ReadFile

ole32

CoGetMalloc
CoInitializeSecurity
CoUninitialize
CoInitializeEx
CoQueryProxyBlanket
CoCreateInstance
CoTaskMemFree
CoSetProxyBlanket
StringFromGUID2

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ