2461ba443a5df7b00e75725d7f125678_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2461ba443a5df7b00e75725d7f125678_JaffaCakes118
Size

188KB
MD5

2461ba443a5df7b00e75725d7f125678
SHA1

be2c4b038529a1589ba8a645362220b0446bb471
SHA256

77368cd6bee256da5bf99015386cad47256e74a5604e26a0b24160eb52ab2399
SHA512

ba5804cd3a52386cf057158e497065e49267ec1b05d04678d333df43526c1b2a0e7b0942b81a0a2befdc9c89ec970b6014359fde8246a1ab9e62e6f256e77246
SSDEEP

3072:o74QlE4sBFfnQ+C04t4Ae/OWVJ53wYG12DnWbTOWuxJVG2eqZo0uBfjrM8ablfkF:oUQS94t4XJ5a12DfWux7G2Ho0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2461ba443a5df7b00e75725d7f125678_JaffaCakes118

Files

2461ba443a5df7b00e75725d7f125678_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7334a90b470dee225c12e95a065bca2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
lstrlenW
SetProcessWorkingSetSize
GetCurrentProcessId
WideCharToMultiByte
TerminateProcess
GetACP
GetSystemTimeAsFileTime
lstrlenA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetEnvironmentVariableA
EnumResourceNamesW
Heap32ListFirst
RaiseException
GetModuleHandleA
MultiByteToWideChar
GetCurrentThreadId
GetTickCount
GetLocaleInfoA
LocalAlloc
InterlockedExchange
CreateProcessA
GetThreadLocale

ole32

CoSetProxyBlanket
StringFromCLSID

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ