Static task
static1
Behavioral task
behavioral1
Sample
f36988e4e6bc154cd7c50bd676fd9367_JaffaCakes118.exe
Resource
win7-20241010-en
General
Target
f36988e4e6bc154cd7c50bd676fd9367_JaffaCakes118
Size
182KB
MD5
f36988e4e6bc154cd7c50bd676fd9367
SHA1
62451b9e26c6726f4a195a957db8cedbf3fbc24c
SHA256
4ac1b05fb39c6287a4052cd50b395be75daac09c1521fa9906ba9e2836a983aa
SHA512
0f55c1118b19dcea353aee53c950a68c0c0a9254ff1b57f50af8cdfb98da5517257652f4aacb7c08299432094370a3c8b50a71b2a28abcc59090498348d0ebf9
SSDEEP
3072:u18M5zt8ciNzA8iCKKNBkU/L/SR2DnoYc/Uv0ekN+bzbva:u1RENz7nAKa+noYcBxsz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f36988e4e6bc154cd7c50bd676fd9367_JaffaCakes118
Files
f36988e4e6bc154cd7c50bd676fd9367_JaffaCakes118.exe windows:4 windows x86 arch:x86
5b97c1f69eb3992fd1a9abfdd8f55249
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoInitializeSecurity
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CoQueryProxyBlanket
StringFromGUID2
kernel32
GetStartupInfoA
HeapReAlloc
GetCPInfo
GetCalendarInfoW
DeleteCriticalSection
VirtualFree
EnterCriticalSection
ReadFile
GetACP
InitializeCriticalSection
EnumResourceNamesA
SetEndOfFile
HeapDestroy
HeapCreate
IsValidCodePage
LeaveCriticalSection
FreeEnvironmentStringsA
RaiseException
RtlUnwind
VirtualAlloc
GetOEMCP
HeapSize
SetFilePointer
ExitProcess
SetEnvironmentVariableA
oleacc
LresultFromObject
CreateStdAccessibleObject
rpcrt4
UuidCreate
Sections
.text Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ