2768fae7c6d919e1bb76c6eb1b9eecdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2768fae7c6d919e1bb76c6eb1b9eecdf_JaffaCakes118
Size

187KB
MD5

2768fae7c6d919e1bb76c6eb1b9eecdf
SHA1

d23926ceda63912155867859669adab16efe1f24
SHA256

47764af346bf1549156452c5975b46db8a8f2e78def8b2407e2c37594999feaf
SHA512

a6a56b4baa1d683adc3d5126768882aee70c8388ce6dbdf813d8439120c3a37b96ea0dc15377fc472ffdfe9854df0713024d6b554d58663ebb8f14b9aaa73c93
SSDEEP

3072:kMAY7k6Qh2oHBYiTmARrC/5UmYd6Ht7vTXrfTJOfSazENGzvxim/oUg9XUpm+UCV:LAY46khYiTBChdYdut777f9OXw+QmwUz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2768fae7c6d919e1bb76c6eb1b9eecdf_JaffaCakes118

Files

2768fae7c6d919e1bb76c6eb1b9eecdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

749cd94a888db862c262efb5f7d50d39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
GetACP
InterlockedCompareExchange
SetPriorityClass
GetVersionExA
GetCurrentProcessId
VirtualProtect
CreateProcessA
MulDiv
RaiseException
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetStartupInfoA
InterlockedExchange
GetCurrentProcess
EnumResourceTypesW
HeapFree
TerminateProcess
GetPrivateProfileStringW
GetTempPathA
GetProcessHeap
GetThreadLocale
HeapAlloc
GetLocaleInfoA
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetLocaleInfoW
TlsFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

ole32

CoMarshalHresult
CoInitializeEx
CoUninitialize
CoRegisterClassObject
CreateStreamOnHGlobal
CreateItemMoniker
CoFreeUnusedLibraries
CLSIDFromString
GetRunningObjectTable
CoCreateInstance
StringFromCLSID
CoRevokeClassObject
StringFromGUID2
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ