Static task: static1
Behavioral task: behavioral1
Sample: 357301830b58523cdf7afac00530f1c9_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 357301830b58523cdf7afac00530f1c9_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 357301830b58523cdf7afac00530f1c9_JaffaCakes118
Size: 193KB
MD5: 357301830b58523cdf7afac00530f1c9
SHA1: b75c92d5cccf3e500cde50b1c53995aab8940ad6
SHA256: b468339b55acfcda87ff0afc1dac31cb20ddd3fa24c755fc70c09876bf0aa685
SHA512: 883960e793aa9654c0a9eabf6822a547f07d82bc16a632a16e017a5d3398ada20d3912ad39023f365c20a835119047607fb533b0f0bfa46806505060bacdd1f2
SSDEEP: 6144:rCa5u28T9xk47VkFpcVmWkP3MWUQSK0JSE:WjLKFpcVBC3MPQ9Q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 357301830b58523cdf7afac00530f1c9_JaffaCakes118
Files
357301830b58523cdf7afac00530f1c9_JaffaCakes118.exe windows:4 windows x86 arch:x86
4d433fc42c076a7d4648c953e6a1f04b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
GetHGlobalFromILockBytes
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
kernel32
GetLocaleInfoA
LocalAlloc
SetProcessWorkingSetSize
lstrlenA
GetCurrentProcessId
GetEnvironmentVariableA
InterlockedExchange
lstrlenW
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
EnumResourceTypesA
MultiByteToWideChar
IsDebuggerPresent
SetHandleCount
GetCurrentThreadId
RaiseException
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleA
WideCharToMultiByte
GetTickCount
CreateProcessA
GetACP
GetThreadLocale
Sections
.text Size: 123KB - Virtual size: 122KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ