Static task: static1
Behavioral task: behavioral1
Sample: dc2df23d6d7eb88bc9c262228f8391ba_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: dc2df23d6d7eb88bc9c262228f8391ba_JaffaCakes118
Size: 173KB
MD5: dc2df23d6d7eb88bc9c262228f8391ba
SHA1: 41feac1a05b090ade52db12b885570be4f5f0e78
SHA256: 71b893c3114cf33324998bbc2a7921feb75a78ff23c95966cb55b92a0f144b4e
SHA512: 30a9c015960595b4f66d69fdc4d04f778a7ed536cc29ddb6b797a0dafa1d7baf33fd72b4e205957b04365eb7dc2cb590df685b91611acde17a73f170749cff9c
SSDEEP: 3072:BEEGA3tiI4Jay87me/Y4uy5pMeSlY9pjrR:XGA3tMameiy52e2Yzj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dc2df23d6d7eb88bc9c262228f8391ba_JaffaCakes118
Files
dc2df23d6d7eb88bc9c262228f8391ba_JaffaCakes118.exe windows:4 windows x86 arch:x86
8999e3f9de4b459c6feaee12c60d8679
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetCalendarInfoW
EnterCriticalSection
ExitProcess
SetFilePointer
LeaveCriticalSection
IsValidCodePage
HeapReAlloc
HeapDestroy
GetCPInfo
GetStartupInfoA
HeapCreate
EnumResourceNamesA
GetOEMCP
RaiseException
VirtualFree
DeleteCriticalSection
FreeEnvironmentStringsA
GetACP
HeapSize
SetEndOfFile
InitializeCriticalSection
ReadFile
ole32
CoGetMalloc
CoSetProxyBlanket
CoQueryProxyBlanket
CoInitializeEx
CoCreateInstance
CoInitializeSecurity
CoTaskMemFree
CoUninitialize
StringFromGUID2
rpcrt4
UuidCreate
Sections
.text Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 380KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ