277ea07e319834bd34598dbc14f01fc1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

277ea07e319834bd34598dbc14f01fc1_JaffaCakes118
Size

165KB
MD5

277ea07e319834bd34598dbc14f01fc1
SHA1

316cd7e04f1061ff10749702797f214a023c93d9
SHA256

2d75caa679a2d22e6500945506ca18f799f749a75fb38077491cf68f4a5ff546
SHA512

7b16b3423a3d6a7b3262fb649016e1389b366dc718aa0176ddfd3b264e32f422423b6a8f4709b567bf460364d784427c706ef21c6a7a29fb3acfce0cf2a3976d
SSDEEP

3072:Xfq/to92s9mRrpHU2tACMoxWQLVrs7RIQRbtlzbCDuXZGwL+I7n4IMKIhteHtTK:XOte7klpHpPWEERjiu1Ck4IMKIz62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
277ea07e319834bd34598dbc14f01fc1_JaffaCakes118

Files

277ea07e319834bd34598dbc14f01fc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd22301cb2023a40b2e99a7a25a7c2e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetCPInfoExA
HeapSize
GetCurrentThreadId
CreateFileA
RaiseException
GetLocaleInfoW
DeleteCriticalSection
IsValidCodePage
GetUserDefaultLCID
EnumResourceNamesA
RtlUnwind
GetVersionExA
InitializeCriticalSection
GetConsoleOutputCP
GetLastError
SetStdHandle
RaiseException
InterlockedIncrement
EnterCriticalSection
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
Sleep
InterlockedDecrement
WriteConsoleW

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ