39704b54cbb66e29e4ce55509d2dfb31_JaffaCakes118 | Triage

Sharing

General

Target

39704b54cbb66e29e4ce55509d2dfb31_JaffaCakes118
Size

186KB
MD5

39704b54cbb66e29e4ce55509d2dfb31
SHA1

cb9e4af86832a64d573e0e27249111eaa1171354
SHA256

11023b554d894e01555b176f6304450c68c1ffa4969739c6414a9de46e328fbd
SHA512

05ba1833f65ef36988fc853f967d3881af5c5939c48ea2c6918ab3448360ba7dca72ed5b7585659d860b946329865f38f9ea3c661bd1977fe360e99ce1119f09
SSDEEP

3072:HaK67zlkbHyoY/JxjDcX64V59axbMoOk/ZS5zdUi0lEAJhs3rnKX1xtm:HaKTbS3TncKwsBh/Z4dUi0lEAJhs3rKd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39704b54cbb66e29e4ce55509d2dfb31_JaffaCakes118

Files

39704b54cbb66e29e4ce55509d2dfb31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5a2686a2300a775f0054f28fd2897bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
SetProcessWorkingSetSize
GetCurrentProcess
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentThreadId
GetModuleHandleA
CreateProcessA
lstrlenA
RaiseException
GetTickCount
EnumResourceTypesA
TerminateProcess
WideCharToMultiByte
IsDebuggerPresent
InterlockedExchange
SetHandleCount
GetEnvironmentVariableA
LocalAlloc
lstrlenW
MultiByteToWideChar
GetLocaleInfoA
GetACP
GetCurrentProcessId
GetThreadLocale

ole32

GetHGlobalFromILockBytes
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ