Static task
static1
General
Target
JaffaCakes118_a5a9d6a811a6ac220c16bdfb9f2784de
Size
171KB
MD5
a5a9d6a811a6ac220c16bdfb9f2784de
SHA1
0cc98d24979c5b3eb8d8bbf9f0b2a1041c829277
SHA256
26edb65ebd8068da4a53045b67e82d1e0a9076e344ce51a01110440c17a31cd1
SHA512
bb459f691f3b12a07e823afc0a83a9c94e700c769506bb814360d63eed47fa2871524f47e3306db3641a5b708d54ba84c7e8f3b19482cc5c3b9613a18167caa7
SSDEEP
3072:6ss0CqwgO/CF1C+b4fotEfG2cX5J3YAndhNuoF2bm2EsqkfcV43EEJcT/21:PsRqfOWUfotEfDcX1DuyAEE2i
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource JaffaCakes118_a5a9d6a811a6ac220c16bdfb9f2784de
Files
JaffaCakes118_a5a9d6a811a6ac220c16bdfb9f2784de.exe windows:4 windows x86 arch:x86
27dac58ee3c947a22e071a73a52c8585
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoInitializeSecurity
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoQueryProxyBlanket
CoSetProxyBlanket
StringFromGUID2
kernel32
ExitProcess
GetCalendarInfoW
GetACP
HeapSize
HeapDestroy
DeleteCriticalSection
ReadFile
HeapReAlloc
RtlUnwind
LeaveCriticalSection
EnumResourceNamesA
VirtualFree
HeapCreate
InitializeCriticalSection
FreeEnvironmentStringsA
IsValidCodePage
GetStartupInfoA
RaiseException
SetEndOfFile
EnterCriticalSection
GetCPInfo
VirtualAlloc
SetFilePointer
GetOEMCP
SetEnvironmentVariableA
rpcrt4
UuidCreate
user32
CreateWindowExW
SendMessageA
DestroyWindow
GetDlgItem
IsWindow
EnumChildWindows
GetWindowThreadProcessId
Sections
.text Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ