e3563b8f44d31ee37795092a84a4528e_JaffaCakes118 | Triage

Sharing

General

Target

e3563b8f44d31ee37795092a84a4528e_JaffaCakes118
Size

176KB
MD5

e3563b8f44d31ee37795092a84a4528e
SHA1

aeea6518b9129f6c25a98a5932eb36a257286feb
SHA256

c6f79560d75fa7e7aed3dc0ed4a409b2da1079801f3c825b3537d993652a3845
SHA512

1fea4eb86b76317f6dcf22e01c22eb197b569dbcf823e16de5b70446453da511bb47639bdb97a87beb44889fd381ffaba8422847fbd93e08d642b66b9848336e
SSDEEP

3072:PZsEiz8LfmCmKSkPcJjmQk3yt+IymbuAB2RKwRB/pjWwbeSG:PZsE+K7cJjXk3ypyxezGB/pSwbeS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e3563b8f44d31ee37795092a84a4528e_JaffaCakes118

Files

e3563b8f44d31ee37795092a84a4528e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6529d1886fd102f0a9b15daa90e55a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

ole32

CoGetMalloc
CoTaskMemFree
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance
CoQueryProxyBlanket
StringFromGUID2

kernel32

VirtualAlloc
GetCalendarInfoW
GetOEMCP
LeaveCriticalSection
HeapDestroy
SetFilePointer
ReadFile
GetStartupInfoA
HeapSize
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
GetCPInfo
EnumResourceNamesA
HeapReAlloc
EnterCriticalSection
FreeEnvironmentStringsA
VirtualFree
GetACP
HeapCreate
IsValidCodePage
SetEndOfFile
ExitProcess
RaiseException
SetEnvironmentVariableA

user32

SendMessageA
EnumChildWindows
DestroyWindow
GetDlgItem
IsWindow
CreateWindowExW
GetWindowThreadProcessId

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ