fbffdde86057a22c554629fda352f9ec_JaffaCakes118 | Triage

Sharing

General

Target

fbffdde86057a22c554629fda352f9ec_JaffaCakes118
Size

177KB
MD5

fbffdde86057a22c554629fda352f9ec
SHA1

05b9a25c4683c5e0f0bee60c61b343259c149f8e
SHA256

b656642ac0e4b4aba1c71e68cc9547920822af9f9fa593d9e1b56b1ab9c73c2d
SHA512

75f98746b404e8d6672c94fe321eb4d9f7c484c599158c21a2b21a350e005d605c916ccf43ad50c8cab9cb26604cfb56e7f754a618d97a6cb4252288fa436bc6
SSDEEP

3072:ijR1nK4zQofxMC5yApmK/92S661B+Rws8yUdUIcaYFo09i++VzZtw/IDk:ijRRrzCAmKD818+lFT9mtw/8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbffdde86057a22c554629fda352f9ec_JaffaCakes118

Files

fbffdde86057a22c554629fda352f9ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97affab6094b78fe4fb47b3dadfa6827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcStringFreeA

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

RtlUnwind
GetCPInfoExA
CreateFileA
InterlockedDecrement
GetLocaleInfoW
InitializeCriticalSection
WriteConsoleA
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
EnumSystemLocalesA
IsValidLocale
GetUserDefaultLCID
EnumResourceNamesA
RaiseException
DeleteCriticalSection
GetCurrentThreadId
RaiseException
GetConsoleOutputCP
HeapSize
IsValidCodePage
SetStdHandle
Sleep
GetVersionExA
GetLastError
WriteConsoleW

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ