Sample
921d3755390ed829d38070cb2cb2083e_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
921d3755390ed829d38070cb2cb2083e_JaffaCakes118
Size
181KB
MD5
921d3755390ed829d38070cb2cb2083e
SHA1
28a81d4a4a56514c2e80e8272af06144e0d61d19
SHA256
7661b810e344780bb7c399c227079c91d2b9a50c5d9a4c251684edd22f8204f4
SHA512
c6c042335d5292db468a9d3e1dd65ed91ed3cc73d40dfb087254d9375181719e8c00ec050deac897b7f73029c4ae8ad3004ddc056b3a0ef26a0a24c06cd20cd5
SSDEEP
3072:1hjdtzjWVywdP6OjuYxxPUiHvTiT8zVUkfIGFmSc9L2t5KQjOdhyy:1VOHpxc+2TWCkXFmRu5Ke29
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 921d3755390ed829d38070cb2cb2083e_JaffaCakes118
Files
921d3755390ed829d38070cb2cb2083e_JaffaCakes118.exe windows:4 windows x86 arch:x86
68cc4561080dddbd76beb0900ae3d1cc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCalendarInfoW
GetCPInfo
VirtualFree
HeapDestroy
EnterCriticalSection
IsValidCodePage
SetFilePointer
HeapSize
GetOEMCP
DeleteCriticalSection
EnumResourceNamesA
ExitProcess
SetEndOfFile
LeaveCriticalSection
GetStartupInfoA
HeapReAlloc
InitializeCriticalSection
FreeEnvironmentStringsA
HeapCreate
GetACP
RtlUnwind
RaiseException
ReadFile
ole32
CoGetMalloc
CoSetProxyBlanket
CoUninitialize
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoInitializeSecurity
CoQueryProxyBlanket
StringFromGUID2
oleacc
LresultFromObject
CreateStdAccessibleObject
rpcrt4
UuidCreate
Sections
.text Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ