Static task
static1
Behavioral task
behavioral1
Sample
cb59c6cca06dd80f9db08748bef46bfe_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target: cb59c6cca06dd80f9db08748bef46bfe_JaffaCakes118
Size: 174KB
MD5: cb59c6cca06dd80f9db08748bef46bfe
SHA1: 4324492841f23b6eccb45950870cde4ba4607883
SHA256: d6d8194d2fa588da37951d70662111126c1a5fe736d4212a0892a97593192a83
SHA512: 9238e77a97beaa10519803c915d7e3fdc9367125d76fd918b6b9deef00b4f8cd7cd8e4eb7a087a8be0ccd4fadfe5442fa95405a02bb0d76a5ffdc35f4e1fbe56
SSDEEP: 3072:MVFTTcUFKpCpxR8/zdH24x8pwsyTF5EvOz0eTb1DZMRl+p:MVFTTcUFaKxR8/Q4x81igOz0KDZMX+p
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cb59c6cca06dd80f9db08748bef46bfe_JaffaCakes118
Files
cb59c6cca06dd80f9db08748bef46bfe_JaffaCakes118.exe windows:4 windows x86 arch:x86
791b9ae847594b815d9be6e8435b77de
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
UuidCreate
oleacc
LresultFromObject
CreateStdAccessibleObject
ole32
CoGetMalloc
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoQueryProxyBlanket
CoUninitialize
StringFromGUID2
kernel32
GetOEMCP
GetACP
GetCalendarInfoW
HeapDestroy
SetEndOfFile
InitializeCriticalSection
DeleteCriticalSection
SetFilePointer
HeapSize
IsValidCodePage
EnumResourceNamesA
RaiseException
HeapReAlloc
RtlUnwind
ExitProcess
GetCPInfo
LeaveCriticalSection
FreeEnvironmentStringsA
HeapCreate
EnterCriticalSection
VirtualFree
GetStartupInfoA
ReadFile
Sections
.text Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ