3f59bcc9c7016c18a7183f4c22b5feb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f59bcc9c7016c18a7183f4c22b5feb5_JaffaCakes118
Size

176KB
MD5

3f59bcc9c7016c18a7183f4c22b5feb5
SHA1

5f007316b57f45203e89aca014813cb4e6a4117a
SHA256

9b65afffb3b8c91eacad24ed1478f5ac4fa4e25f756bba5bf079f35ad9037d88
SHA512

ccdb296975627a9e8221fd8643a61fcd4aedb8bd795400af06a467feaf277bad1a850c3c57ab4493f89d60a2bf67ba7df1a6a6c00a8a3c0714a5ee1bf604fbe5
SSDEEP

3072:PZsEiz8LfmCmKSkPcJjmQk3yt+IymbuAB2RKwRB/pjWwbeSG:PZsE+K7cJjXk3ypyxezGB/pSwbeS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f59bcc9c7016c18a7183f4c22b5feb5_JaffaCakes118

Files

3f59bcc9c7016c18a7183f4c22b5feb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6529d1886fd102f0a9b15daa90e55a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

ole32

CoGetMalloc
CoTaskMemFree
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance
CoQueryProxyBlanket
StringFromGUID2

kernel32

VirtualAlloc
GetCalendarInfoW
GetOEMCP
LeaveCriticalSection
HeapDestroy
SetFilePointer
ReadFile
GetStartupInfoA
HeapSize
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
GetCPInfo
EnumResourceNamesA
HeapReAlloc
EnterCriticalSection
FreeEnvironmentStringsA
VirtualFree
GetACP
HeapCreate
IsValidCodePage
SetEndOfFile
ExitProcess
RaiseException
SetEnvironmentVariableA

user32

SendMessageA
EnumChildWindows
DestroyWindow
GetDlgItem
IsWindow
CreateWindowExW
GetWindowThreadProcessId

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ