161b17f084a22fb4dd420d7221423357_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

161b17f084a22fb4dd420d7221423357_JaffaCakes118
Size

192KB
MD5

161b17f084a22fb4dd420d7221423357
SHA1

a685469124d42c0b657f5ddd7e2f657783de9a30
SHA256

b4e84fbbce94e9db8a1a67699c3478944a68c6d73ed7b1a2195e11574756cc72
SHA512

f515ca6446b372583d71209a81a10c22a2b7ce9ef9dbdd3beaef6feefb48d995456cc7e5fe4e381022738d6ec438d03f19f014d45f100bab3074e50edeb07ea9
SSDEEP

3072:gEk+FLRhrKOcB9s/jX/UugTKpM1tdO99Y8d/TuOIxubMaeJoJ6m6PjuA7SByja:gEkocHs/TUJKpMo9G8d7V4XJorO/SBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
161b17f084a22fb4dd420d7221423357_JaffaCakes118

Files

161b17f084a22fb4dd420d7221423357_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae00a710f88cb59dde658dcae942dfaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
TerminateProcess
GetStartupInfoA
UnhandledExceptionFilter
InterlockedCompareExchange
HeapAlloc
QueryPerformanceCounter
GetLocaleInfoW
GetACP
GetCurrentProcess
HeapFree
GetVersionExA
CreateProcessA
SetUnhandledExceptionFilter
RaiseException
EnumResourceTypesW
GetCurrentProcessId
MulDiv
GetProcessHeap
GetPrivateProfileStringW
GetThreadLocale
GetSystemTimeAsFileTime
GetTempPathA
GetTempFileNameA
GetLocaleInfoA
VirtualProtect
IsDebuggerPresent
InterlockedExchange
TlsFree

ole32

CoMarshalHresult
CreateStreamOnHGlobal
StringFromCLSID
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
GetRunningObjectTable
CoFreeUnusedLibraries
CoTaskMemFree
CreateItemMoniker
StringFromGUID2
CoUninitialize
CoInitializeEx
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc

gdiplus

GdipGetImageWidth
GdipDisposeImage

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ