Static task
static1
Behavioral task
behavioral1
Sample
d121faa3f6e90d545441cbc0340028d3_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target: d121faa3f6e90d545441cbc0340028d3_JaffaCakes118
Size: 182KB
MD5: d121faa3f6e90d545441cbc0340028d3
SHA1: 0d23698099d257127c4ec31316375b1ecd6c4d8d
SHA256: e90c5722c7b1a0911acfbe99c939e855d44b57c732ac860a4411929895a74669
SHA512: 2275665d9bf7e2a7e043d87c0099271d209dc0ec9e42fea650fd78e7693d368511815fb26b0496f7b19632dd1e011a766e4bf81fb63d4b4a16469f54d1067a54
SSDEEP: 3072:U+A3w0NSJk5wD+hveJT7Mp2MDw9pI9R37IKIm7fgV5udVQ:b2wZJnChvC8p2MDwPICm7YV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d121faa3f6e90d545441cbc0340028d3_JaffaCakes118
Files
d121faa3f6e90d545441cbc0340028d3_JaffaCakes118.exe windows:4 windows x86 arch:x86
9324f7e4a5bf7c7919b491121e7ffa19
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
GetCalendarInfoW
DeleteCriticalSection
HeapReAlloc
IsValidCodePage
VirtualFree
EnterCriticalSection
GetCPInfo
ReadFile
HeapSize
VirtualAlloc
SetFilePointer
EnumResourceNamesA
InitializeCriticalSection
SetEndOfFile
FreeEnvironmentStringsA
LeaveCriticalSection
GetACP
RtlUnwind
GetOEMCP
RaiseException
GetStartupInfoA
HeapDestroy
ExitProcess
SetEnvironmentVariableA
rpcrt4
UuidCreate
ole32
CoGetMalloc
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoQueryProxyBlanket
StringFromGUID2
user32
DestroyWindow
CreateWindowExW
EnumChildWindows
SendMessageA
IsWindow
GetDlgItem
GetWindowThreadProcessId
Sections
.text Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ