9412d317427b8040ae63e84d97642a90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9412d317427b8040ae63e84d97642a90_JaffaCakes118
Size

206KB
MD5

9412d317427b8040ae63e84d97642a90
SHA1

ddd50c0cd04c272c547979a96012697a45f3b4c9
SHA256

ee12baa7eb63c03f01f604304f42ab7accccb10d548b0e654dd5d24a20bfd33c
SHA512

faa3aa00f2642cd2b5552f843048a7f1c8461756c8e42c3add338583b69c538a1362aa33cfb4372814818c92299f1049cd1559f5b8c4ae2c8ee0a4755b0bfb99
SSDEEP

3072:6qfgpHGtkB1pO+QiBoSD8hV8IX7DKpxIUvFUZB2RWW2yRS/COR84nF26SKKATrVh:pfgF3O+USD8hVpXgrG2mqOG4Y6SKKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9412d317427b8040ae63e84d97642a90_JaffaCakes118

Files

9412d317427b8040ae63e84d97642a90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5acf37b9915b9ad08e75af4ea9027552

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

ole32

GetHGlobalFromILockBytes
CoInitializeEx
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoQueryProxyBlanket
CoTaskMemFree
CoInitializeSecurity
StringFromGUID2

kernel32

GetModuleFileNameW
GlobalAlloc
GetConsoleOutputCP
CreateFileW
GlobalLock
SetProcessAffinityMask
GetACP
CreateProcessW
GetStringTypeA
WriteFile
GetCPInfo
OutputDebugStringW
LoadLibraryA
DeleteCriticalSection
QueryPerformanceCounter
ReadFile
GetOEMCP
WriteConsoleW
InterlockedDecrement
WriteConsoleA
EnumResourceTypesA
CreateEventW
WaitForSingleObject
SetEndOfFile
FlushFileBuffers
LCMapStringW
Sleep
GetEnvironmentStrings
LCMapStringA
WaitNamedPipeA
FreeEnvironmentStringsW
IsValidCodePage
SetStdHandle
GetLocaleInfoA
GetStringTypeW
CreateFileA
GetSystemTimeAsFileTime
GetEnvironmentStringsW
InterlockedIncrement
TerminateThread
GlobalUnlock

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ