Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_12048b510875ae3c3c744244e3f9f09b.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_12048b510875ae3c3c744244e3f9f09b
Size: 181KB
MD5: 12048b510875ae3c3c744244e3f9f09b
SHA1: 1a34824a81495d2f047e60db180ef07fb5071c1d
SHA256: ae655a7063f9efde72f84bed74065a78f82ba01d1ec5ad9ccf88c686758c45c4
SHA512: eae758a69ccf53c6a795eaf1eba82a3ac5cee118f4ccc22c8cbf25887f0e85b0bd87e8da00ee40457b4e0edcadc71d1554a20dbab97b8f0d37df5c5fea1dea5a
SSDEEP: 3072:Oreq4UUt6HvDPIqLf0vF9EDFAO9Z2DAbdhlL7pFHUWVV+dvVsl:D31qDP3LTh9Z2sbdhTUdsl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_12048b510875ae3c3c744244e3f9f09b
Files
JaffaCakes118_12048b510875ae3c3c744244e3f9f09b.exe windows:4 windows x86 arch:x86
1eadae0aa425200ca965222ad31491d3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EnumChildWindows
CreateWindowExW
IsWindow
GetDlgItem
DestroyWindow
SendMessageA
GetWindowThreadProcessId
kernel32
HeapDestroy
ReadFile
InitializeCriticalSection
GetCalendarInfoW
HeapSize
SetEndOfFile
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCPInfo
EnumResourceNamesA
GetACP
RaiseException
ExitProcess
SetFilePointer
GetOEMCP
FreeEnvironmentStringsA
VirtualFree
IsValidCodePage
HeapReAlloc
DeleteCriticalSection
HeapCreate
GetStartupInfoA
VirtualAlloc
SetEnvironmentVariableA
ole32
CoGetMalloc
CoUninitialize
CoCreateInstance
CoQueryProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoTaskMemFree
CoSetProxyBlanket
StringFromGUID2
rpcrt4
UuidCreate
Sections
.text Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ