JaffaCakes118_3f988b87a302eaeaf144e47c873a996b | Triage

Sharing

General

Target

JaffaCakes118_3f988b87a302eaeaf144e47c873a996b
Size

182KB
MD5

3f988b87a302eaeaf144e47c873a996b
SHA1

f6fd1d58d5c418e248389a9eeab068f801564053
SHA256

1b7b3d299cf781d70114c181b33de22d47bf20e53106c28969e83cc8d4e9b3b4
SHA512

385176c703cac543225a292128f329e33c0fcff38a5e1fef412e081d6c8abb0c4b9495b0457b4e2d0cf581c970f69509b4bc053d20c091ef85fdde97593e2c28
SSDEEP

3072:CupClVC5JKgLsLicBGBGwlnwASgDnkYb6HKbNsrXpc:C9l88gYBa5BTm/e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3f988b87a302eaeaf144e47c873a996b

Files

JaffaCakes118_3f988b87a302eaeaf144e47c873a996b
.exe windows:4 windows x86 arch:x86

ff3d9c4cdb44b82b9d8e048495326d7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

GetUserDefaultLCID
IsValidLocale
GetCPInfoExA
LeaveCriticalSection
InitializeCriticalSection
RaiseException
CreateFileA
Sleep
WriteConsoleA
GetVersionExA
DeleteCriticalSection
EnumResourceNamesA
InterlockedIncrement
EnterCriticalSection
GetLocaleInfoW
IsValidCodePage
HeapSize
GetConsoleOutputCP
RaiseException
RtlUnwind
InterlockedDecrement
SetStdHandle
EnumSystemLocalesA
GetLastError
GetCurrentThreadId
WriteConsoleW

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcStringFreeA

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ