Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_9bfd2fa6615a52ed3eaf3865627643eb.exe
Resource: win7-20240729-en
General
Target: JaffaCakes118_9bfd2fa6615a52ed3eaf3865627643eb
Size: 171KB
MD5: 9bfd2fa6615a52ed3eaf3865627643eb
SHA1: 13874330431da3bbc3033774f9d5cc9ceba30f34
SHA256: a945f3a101968236ba164b2a00ed13e8c17e3cbea123f7a3ffbd3bd67857ccf2
SHA512: dc0f6d0e63cb7aac263c115e5fdc161511cd221533f84c2781e6aacabc8bd11731c9e3621a52e614e185981e96d3a6cfd778b4e3a2c9e9ba7352f278de53151c
SSDEEP: 3072:shiTm3SUAh+GU1wijPj3IpgdKxLTTsatKOOy+:sPf4cC4UpgdiHTsoYy+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_9bfd2fa6615a52ed3eaf3865627643eb
Files
JaffaCakes118_9bfd2fa6615a52ed3eaf3865627643eb.exe windows:4 windows x86 arch:x86
d327c7795dbf39bc331da443d66967bf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
GetCalendarInfoW
GetCPInfo
LeaveCriticalSection
HeapReAlloc
EnterCriticalSection
VirtualFree
VirtualAlloc
SetEndOfFile
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
RaiseException
EnumResourceNamesA
GetACP
IsValidCodePage
FreeEnvironmentStringsA
ReadFile
SetFilePointer
GetOEMCP
HeapSize
GetStartupInfoA
RtlUnwind
HeapCreate
SetEnvironmentVariableA
user32
GetDlgItem
SendMessageA
CreateWindowExW
IsWindow
EnumChildWindows
DestroyWindow
GetWindowThreadProcessId
rpcrt4
UuidCreate
ole32
CoGetMalloc
CoCreateInstance
CoSetProxyBlanket
CoQueryProxyBlanket
CoInitializeEx
CoUninitialize
CoInitializeSecurity
CoTaskMemFree
StringFromGUID2
Sections
.text Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ