bf716729d547a730a6c1527672819b37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf716729d547a730a6c1527672819b37_JaffaCakes118
Size

192KB
MD5

bf716729d547a730a6c1527672819b37
SHA1

4b6e80cacebf16ed7e0de58925fac19c5e2434e6
SHA256

36e8af4d08a8f6ad89b3da8981e87496f3b03f0ca7136e9691beb2ee4d41a896
SHA512

88f0e8e2213413a9e85a5a8cca4e0bc46e917820fb60e73ea2620a7dd298f04ff29098f74e22ccb790da6d0c0bbba8f58327b6a572599f6f472799d7986dcfdd
SSDEEP

3072:z/t+Lh2MkBBGGaGFyxsUd+YkdBMVTD1vS2Z8e7oUCbLhrwmzkyWYAtOtWmz6r7iB:z/stTMhqzjkdBMV9vSUchrxkyWN9JrOB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf716729d547a730a6c1527672819b37_JaffaCakes118

Files

bf716729d547a730a6c1527672819b37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26b45a1434188601ddcef3af485fc9e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

GetACP
QueryPerformanceCounter
GetProcessHeap
SetPriorityClass
GetSystemTimeAsFileTime
GetLocaleInfoW
CreateProcessA
HeapAlloc
IsDebuggerPresent
GetVersionExA
TerminateProcess
RaiseException
EnumResourceTypesW
UnhandledExceptionFilter
VirtualProtect
GetThreadLocale
SetUnhandledExceptionFilter
GetTempFileNameA
GetPrivateProfileStringW
MulDiv
GetTempPathA
GetCurrentProcessId
GetStartupInfoA
GetCurrentProcess
HeapFree
GetLocaleInfoA
InterlockedExchange
InterlockedCompareExchange
TlsFree

ole32

CoMarshalHresult
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
CoRevokeClassObject
GetRunningObjectTable
CoInitialize
CoRegisterClassObject
CoUninitialize
CoInitializeEx
StringFromCLSID
CreateStreamOnHGlobal
CLSIDFromString
StringFromGUID2
CreateItemMoniker
CoTaskMemAlloc

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ