37739403d71f1b79164cb2ef2bf581c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37739403d71f1b79164cb2ef2bf581c4_JaffaCakes118
Size

188KB
MD5

37739403d71f1b79164cb2ef2bf581c4
SHA1

d4e5ed46cb1164e92d8c7fb4fdb2a6b8e208a511
SHA256

4c0dc7f10d00d70f4e16dd8edede3dd9bd692fe62e36541afd83207ce2b5bf57
SHA512

f3569e9da1286be063ecac6f15e89640742d21202c3c2e62f836dd08ae1de6aaae20e6b369f76f41bbbed4fdedd86edda24d63ef05779773245304e05147943d
SSDEEP

3072:l3Ktm1Jp0G3UECyoU16pOJiWY/pgVJzW+lcaj1ANF9B8ZD5uG4rk5/dVtzCjuw8L:NKtmSG3UEV6pZWQpI/Oaj1ANF415o4dL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37739403d71f1b79164cb2ef2bf581c4_JaffaCakes118

Files

37739403d71f1b79164cb2ef2bf581c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97296d2023c31a589811c5b7e216c091

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetHGlobalFromILockBytes
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

kernel32

SetProcessWorkingSetSize
LocalAlloc
GetCurrentProcessId
GetModuleHandleA
lstrlenW
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MultiByteToWideChar
GetEnvironmentVariableA
lstrlenA
InterlockedExchange
WideCharToMultiByte
EnumResourceTypesA
GetLocaleInfoA
GetACP
SetHandleCount
CreateProcessA
RaiseException
TerminateProcess
IsDebuggerPresent
GetCurrentProcess
GetTickCount
GetCurrentThreadId
GetThreadLocale

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ