75b5bb3239139c8298689244466e4957_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75b5bb3239139c8298689244466e4957_JaffaCakes118
Size

187KB
MD5

75b5bb3239139c8298689244466e4957
SHA1

74d54150c3f60c9ddfc721fc90684c2e02ee10d6
SHA256

b0720cee3dc992b19692d27916e7b5209766903b59b6ecfa3203eb77c2a080ba
SHA512

1b5211f650b706ef455211633ba4cdf92796344298dbdb91c181ae66631015377b647007f007a55a1c23e3b724daa38dd2b83d312b98903e75fee6b11c6bf751
SSDEEP

3072:Faxqlw45Z0Rqsrb6uTXOLuAcWCT3h/mF2c6QmYWUL1gWF19cp:wx4TZebZTXOZcWw/VDQRWSgWF/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75b5bb3239139c8298689244466e4957_JaffaCakes118

Files

75b5bb3239139c8298689244466e4957_JaffaCakes118
.exe windows:4 windows x86 arch:x86

059ea0be40ff7b49645c5a756e0b9c33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoMarshalHresult
CoSetProxyBlanket
CoInitializeSecurity
CoQueryProxyBlanket
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitializeEx
StringFromGUID2

imm32

ImmAssociateContext

kernel32

GetACP
QueryPerformanceCounter
SetProcessAffinityMask
GetLocalTime
MoveFileW
WriteConsoleA
GetEnvironmentStringsW
FlushFileBuffers
SetStdHandle
GetConsoleOutputCP
GetCPInfo
SetEvent
GetCurrentThreadId
GetSystemTimeAsFileTime
CreateFileA
LoadLibraryA
EnumResourceTypesA
GetProfileIntA
GetOEMCP
WriteConsoleW
WaitForMultipleObjects
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetCurrentProcessId
FreeEnvironmentStringsW
GetLocaleInfoA

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ