46397332d3f67896581f8682f2753eef_JaffaCakes118 | Triage

Sharing

General

Target

46397332d3f67896581f8682f2753eef_JaffaCakes118
Size

171KB
MD5

46397332d3f67896581f8682f2753eef
SHA1

66be4468b8fabd89da9a0a2ec0cf400b141424ce
SHA256

9f13f7249bb5eab7b61adf8f09dcd69deddae1052aa6861418a93a75f98f6844
SHA512

f9b394a82f8405d21c883280a4443e9a9dd5e27cf9f720ce51fcfdc50e34cdff297db163d4bbf199fdd338261762dd054e1bc2e19435ef6542e0dcf62afc6f64
SSDEEP

3072:6ZQ+B6VqVEBtCNj2R/WNVXj2OjkWCIDvokerykiMYqzTizwdq:eNLVEBtCNcWNtjkW5urFdTBc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46397332d3f67896581f8682f2753eef_JaffaCakes118

Files

46397332d3f67896581f8682f2753eef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

717a33e739e03cc95da8c6f809527cca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoInitializeEx
CoTaskMemFree
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CoQueryProxyBlanket
CoCreateInstance
StringFromGUID2

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

rpcrt4

UuidCreate

user32

EnumChildWindows
SendMessageA
IsWindow
CreateWindowExW
DestroyWindow
GetDlgItem
GetWindowThreadProcessId

kernel32

GetACP
GetCPInfo
VirtualFree
GetCalendarInfoW
SetFilePointer
SetEndOfFile
HeapSize
InitializeCriticalSection
GetOEMCP
RtlUnwind
LeaveCriticalSection
GetStartupInfoA
EnumResourceNamesA
ReadFile
FreeEnvironmentStringsA
VirtualAlloc
IsValidCodePage
HeapDestroy
DeleteCriticalSection
EnterCriticalSection
ExitProcess
RaiseException
HeapCreate
HeapReAlloc
SetEnvironmentVariableA

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ