176e52512209fb6e15396cb8393f6fa8_JaffaCakes118 | Triage

Sharing

General

Target

176e52512209fb6e15396cb8393f6fa8_JaffaCakes118
Size

192KB
MD5

176e52512209fb6e15396cb8393f6fa8
SHA1

b00baa1c50de8b44b3fd493dcd5cce30d80fb7cb
SHA256

07797de96091eb1834817520d51d4eb40d5a0cf18f10765dba3f2e3578928ce9
SHA512

519da4cd4d0a812a306578d787ad542546bf2af1365ebff16fd5cbc6a0c054bdd45bd3ad14143e2d03ad73c35ff0470f4bfcd42a35d8c44696ee4bd65e564430
SSDEEP

3072:7kCTeuBtRP++rx61R1Ov81tkfRDx8DeWZvlEgH562gyCxbr5eRYWEpQj/5WZKzaT:7kCquBfP++rx6D1P1ER2DtlEgZ6nzZee

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
176e52512209fb6e15396cb8393f6fa8_JaffaCakes118

Files

176e52512209fb6e15396cb8393f6fa8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cacea16bf6421b56dd7563f0822984ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

SetProcessAffinityMask
FlushFileBuffers
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetStdHandle
FreeEnvironmentStringsW
GetConsoleOutputCP
IsValidCodePage
CreateFileA
GetACP
WaitForMultipleObjects
EnumResourceTypesA
SetEvent
GetEnvironmentStringsW
MoveFileW
GetLocalTime
FreeEnvironmentStringsA
WriteConsoleA
GetEnvironmentStrings
WriteConsoleW
GetProfileIntA
LoadLibraryA
GetCPInfo
GetOEMCP
GetCurrentThreadId
GetLocaleInfoA

ole32

CoMarshalHresult
CoQueryProxyBlanket
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ