Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_6639fa0885d54dc9252cf464b20123a9.exe
Resource: win7-20241010-en
General
Target: JaffaCakes118_6639fa0885d54dc9252cf464b20123a9
Size: 174KB
MD5: 6639fa0885d54dc9252cf464b20123a9
SHA1: 86f7e226a3822d159c0f53cbbedfbe55aa782cf9
SHA256: ae82c4ac053704655dfa7738cbf5f918de8306e58e69df6dbc8f966b35d334be
SHA512: 564de79a59841ef0180f2efbc25650eb848701c4783b8b92f97a5bdf0c6e0373c017b6de8d174f291b29187b3c981eb3c3c166b88ba959b817b296a3d48b2c4f
SSDEEP: 3072:UaPhJ87gsFnHrgXECBgFk65vYwAIZocsX8LjEk77udf6W6tTEZ8:bhJ8XFnLgXKFxHNojgjTYf6WYO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6639fa0885d54dc9252cf464b20123a9
Files
JaffaCakes118_6639fa0885d54dc9252cf464b20123a9.exe windows:4 windows x86 arch:x86
a137ee4b67babb7169c607d51cd68700
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoTaskMemFree
CoCreateInstance
CoQueryProxyBlanket
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity
CoInitializeEx
StringFromGUID2
kernel32
GetCalendarInfoW
GetACP
ExitProcess
HeapDestroy
HeapCreate
HeapReAlloc
GetStartupInfoA
GetOEMCP
ReadFile
RtlUnwind
VirtualAlloc
IsValidCodePage
EnumResourceNamesA
HeapSize
LeaveCriticalSection
DeleteCriticalSection
FreeEnvironmentStringsA
SetFilePointer
VirtualFree
GetCPInfo
EnterCriticalSection
SetEndOfFile
InitializeCriticalSection
RaiseException
SetEnvironmentVariableA
user32
SendMessageA
CreateWindowExW
DestroyWindow
EnumChildWindows
GetDlgItem
IsWindow
GetWindowThreadProcessId
rpcrt4
UuidCreate
Sections
.text Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ