72887c84ea8d6a10835a56c1d9ca77ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72887c84ea8d6a10835a56c1d9ca77ea_JaffaCakes118
Size

193KB
MD5

72887c84ea8d6a10835a56c1d9ca77ea
SHA1

5ddacccde0e6acb456151b36fc52b7c082657535
SHA256

89233dcdcb7607a711789bb00bd178ffdce8c2f3822b3b54a31aa0d46e94b270
SHA512

2c89486219206d71eba957d3c3e5c6c4ecc98ad1b15c883cc3a7e27cbf467b962f6f13a11ade99639bc8597718f71b75da2ed003747f18f4f477ee6b1d41a812
SSDEEP

6144:j0yMOy8Oqx5njoFi62ZwzEqLDjq+fhMazbepa0/:4yZtOC0Fi626zTr1bUa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72887c84ea8d6a10835a56c1d9ca77ea_JaffaCakes118

Files

72887c84ea8d6a10835a56c1d9ca77ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92ed00b466640f2a16f3569578ec7ffe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoMarshalHresult
GetRunningObjectTable
CreateStreamOnHGlobal
StringFromGUID2
StringFromCLSID
CoInitialize
CLSIDFromString
CoFreeUnusedLibraries
CreateItemMoniker
CoCreateInstance
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc

kernel32

GetLocaleInfoW
GetACP
GetProcessHeap
SetPriorityClass
CreateProcessA
GetThreadLocale
InterlockedCompareExchange
InterlockedExchange
RaiseException
VirtualProtect
QueryPerformanceCounter
GetVersionExA
EnumResourceTypesA
GetCurrentProcess
GetCurrentProcessId
GetTempPathA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapAlloc
IsDebuggerPresent
GetPrivateProfileIntA
MulDiv
HeapFree
TerminateProcess
GetTempFileNameA
GetLocaleInfoA
GetStartupInfoA
TlsFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ