Static task
static1
Behavioral task
behavioral1
Sample
922e759e6a460205f2cbb6bc9750fc9e_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
922e759e6a460205f2cbb6bc9750fc9e_JaffaCakes118
Size
166KB
MD5
922e759e6a460205f2cbb6bc9750fc9e
SHA1
8d82ecfe1301fa24e74316f63533d517dafe1805
SHA256
753c4ea12c9956a951c53bdc3513f83fe3208286509c23e0740a51e40ee6563d
SHA512
26c968326b945631bf98ad52dc9ef8d666bb28e32565d285d47454aa5fbdb2b5f69696505a1e665bfb63604bdd7e55a2c4c28437ffe99e256593f17269436bab
SSDEEP
3072:mTN49AHExCCAQYNaz0ZCm3BhsHA4rwozQqjhEt+ov:zbxlvz0ZCoYwIjzov
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 922e759e6a460205f2cbb6bc9750fc9e_JaffaCakes118
Files
922e759e6a460205f2cbb6bc9750fc9e_JaffaCakes118.exe windows:4 windows x86 arch:x86
a499c169f69a301ac2da3469ec255ef1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
rpcrt4
UuidCreate
ole32
CoGetMalloc
CoQueryProxyBlanket
CoInitializeEx
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity
CoTaskMemFree
StringFromGUID2
kernel32
IsValidCodePage
GetCalendarInfoW
RaiseException
GetStartupInfoA
SetEndOfFile
GetACP
ReadFile
HeapReAlloc
DeleteCriticalSection
HeapCreate
SetFilePointer
EnumResourceNamesA
InitializeCriticalSection
HeapSize
GetOEMCP
VirtualAlloc
GetCPInfo
FreeEnvironmentStringsA
RtlUnwind
EnterCriticalSection
HeapDestroy
LeaveCriticalSection
VirtualFree
ExitProcess
SetEnvironmentVariableA
Sections
.text Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ