187f24f1ddc94b465a115d05c8cf4605_JaffaCakes118 | Triage

Sharing

General

Target

187f24f1ddc94b465a115d05c8cf4605_JaffaCakes118
Size

164KB
MD5

187f24f1ddc94b465a115d05c8cf4605
SHA1

09f71682bb005390c945a2ebb386ed24d852d6f0
SHA256

1bbb234991d3725586da5c69101a0670c0f82295e832be2a4c24382b6c8b6251
SHA512

db82669038cb7f5d2183a63c81e1b941c14a9b4bc6714309e8ed61f3b50b175919b5c957e80e28b291c841a8ff259aa6f934e21dd8a299ad85bff72862b3270a
SSDEEP

3072:X+Mve7wyg6b80PgcoyMjMWscyEZijsQXDS5sVTTB6gBO8eN2idKxkENZM0ZoU0+:XHve7zg6b80QkWscHZi1XDS+B88Bid8h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
187f24f1ddc94b465a115d05c8cf4605_JaffaCakes118

Files

187f24f1ddc94b465a115d05c8cf4605_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9e912a55f2abfaf24f2e0bd57db9571

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

GetCPInfoExA
HeapSize
WriteConsoleA
IsValidCodePage
IsValidLocale
GetCurrentThreadId
SetStdHandle
GetVersionExA
GetConsoleOutputCP
Sleep
CreateFileA
GetLocaleInfoW
EnterCriticalSection
EnumResourceNamesA
InterlockedDecrement
InterlockedIncrement
EnumSystemLocalesA
RtlUnwind
InitializeCriticalSection
LeaveCriticalSection
RaiseException
DeleteCriticalSection
RaiseException
GetLastError
GetUserDefaultLCID
WriteConsoleW

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ