Static task
static1
Behavioral task
behavioral1
Sample
a22cb5adac759fff16b4d45fd78a8dcf_JaffaCakes118.exe
Resource
win7-20241010-en
General
Target
a22cb5adac759fff16b4d45fd78a8dcf_JaffaCakes118
Size
176KB
MD5
a22cb5adac759fff16b4d45fd78a8dcf
SHA1
08be30429659661bdc8967218071956ef54131f8
SHA256
9baebc11c5c3ff4bea6c06428e02127aac6d25b113a8392d51c379b2b8ce280e
SHA512
4df2913a5c7f4ea0f15111139070935e8c4a9f6646b6facfe38e60efe3cd9330d4b201dd33b73288a4356edb03fb4d8d5d9ae22f474bb169ca6dffc750bf4756
SSDEEP
3072:5vboWPZhFnG8hDZcbi4zN8CF6BaFXVV75HeW84MeHkF:FblFG8hDZR4zN8C26lL14
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a22cb5adac759fff16b4d45fd78a8dcf_JaffaCakes118
Files
a22cb5adac759fff16b4d45fd78a8dcf_JaffaCakes118.exe windows:4 windows x86 arch:x86
f73c0ecc5d5f418360c2d80ff01f7014
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
UuidCreate
user32
DestroyWindow
CreateWindowExW
EnumChildWindows
IsWindow
SendMessageA
GetDlgItem
GetWindowThreadProcessId
kernel32
EnterCriticalSection
SetEndOfFile
GetCalendarInfoW
GetCPInfo
IsValidCodePage
SetFilePointer
InitializeCriticalSection
VirtualFree
HeapDestroy
RtlUnwind
EnumResourceNamesA
HeapCreate
ExitProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapReAlloc
ReadFile
HeapSize
VirtualAlloc
LeaveCriticalSection
GetOEMCP
GetACP
RaiseException
GetStartupInfoA
SetEnvironmentVariableA
ole32
CoGetMalloc
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
CoQueryProxyBlanket
CoUninitialize
CoTaskMemFree
CoCreateInstance
StringFromGUID2
Sections
.text Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 256KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ