a569f589e21421cd4af704de7527733b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a569f589e21421cd4af704de7527733b_JaffaCakes118
Size

185KB
MD5

a569f589e21421cd4af704de7527733b
SHA1

3cd2b655cc018198619b04ac3a137b75beab8032
SHA256

f1d81d15fe0f0f0984ad2f6372134edb15f4c0a9f6c03877a631361ac8386c3d
SHA512

55256734cba03335a9bc3268e6804820323f05d6e0a428e9f78ba6d051a913bf34c1d55fb927526cf60fc86a89fae55ea39527dab5961ff568f3d4896f545c90
SSDEEP

3072:iqF/xSLMAxq+PD+bVCLxxuspUQEM6ogQXj6X6kZRwWtcDRUAzKw0dKfAYIoEq6Ud:ifo8PdQUUSJX+XLZRwWmUAzN0e/IoEtU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a569f589e21421cd4af704de7527733b_JaffaCakes118

Files

a569f589e21421cd4af704de7527733b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5847e6a963e08bd100a91d811e2b9c86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
HeapAlloc
GetSystemTimeAsFileTime
SetPriorityClass
GetVersionExA
GetCurrentProcessId
GetLocaleInfoW
CreateProcessA
UnhandledExceptionFilter
RaiseException
GetThreadLocale
QueryPerformanceCounter
GetProcessHeap
IsDebuggerPresent
InterlockedExchange
EnumResourceTypesW
GetTempPathA
GetTempFileNameA
GetCurrentProcess
SetUnhandledExceptionFilter
GetPrivateProfileStringW
TerminateProcess
InterlockedCompareExchange
GetStartupInfoA
HeapFree
GetLocaleInfoA
GetACP
VirtualProtect
TlsFree

ole32

CoMarshalHresult
CoInitializeEx
CoInitialize
CoUninitialize
CreateItemMoniker
CoCreateInstance
CoRevokeClassObject
StringFromGUID2
CoRegisterClassObject
GetRunningObjectTable
CoFreeUnusedLibraries
CoTaskMemFree
CLSIDFromString
CreateStreamOnHGlobal
StringFromCLSID
CoTaskMemAlloc

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ