Static task
static1
Behavioral task
behavioral1
Sample
ea635810a0cbf6b490bb36bb807526fc_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
ea635810a0cbf6b490bb36bb807526fc_JaffaCakes118
Size
174KB
MD5
ea635810a0cbf6b490bb36bb807526fc
SHA1
ed058bfc1a381d6ed054c6e0db091224aed63782
SHA256
045f7e4cf53b37c38b8ef23b29ab8e5f9282aad9418542738d54d7116169ba22
SHA512
6201a609956cdf5d3daf9f8c4ba966b7e09a8b293cb156d8f1c0aec04299bc0f0439b56d38b6d95412b67878482bf899c10a2c14e58d4b7b9883bfd88000102a
SSDEEP
3072:2DyxASvS6A2VnAcRDzGF3ZCf8kA+HFJQ+udou:2DyxAfr10DldAwFdHu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea635810a0cbf6b490bb36bb807526fc_JaffaCakes118
Files
ea635810a0cbf6b490bb36bb807526fc_JaffaCakes118.exe windows:4 windows x86 arch:x86
8720210c029c6328a29164cfe58cdf19
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
SetFilePointer
GetOEMCP
GetCalendarInfoW
HeapReAlloc
DeleteCriticalSection
RaiseException
EnterCriticalSection
GetCPInfo
VirtualAlloc
ReadFile
ExitProcess
EnumResourceNamesA
RtlUnwind
HeapDestroy
HeapCreate
GetStartupInfoA
FreeEnvironmentStringsA
GetACP
VirtualFree
HeapSize
InitializeCriticalSection
SetEndOfFile
IsValidCodePage
SetEnvironmentVariableA
ole32
CoGetMalloc
CoQueryProxyBlanket
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity
StringFromGUID2
user32
EnumChildWindows
CreateWindowExW
GetDlgItem
IsWindow
DestroyWindow
SendMessageA
GetWindowThreadProcessId
rpcrt4
UuidCreate
Sections
.text Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 73KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 380KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ