1506356b7b4ee55d5b84f89a2b82d903_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1506356b7b4ee55d5b84f89a2b82d903_JaffaCakes118
Size

181KB
MD5

1506356b7b4ee55d5b84f89a2b82d903
SHA1

ec788bdd7c47eb94e93d74630149edb524977fbc
SHA256

6246ac141dbfe8ba56b0b0a072f400e2e760e9973daeaeb1b522b35c571515a2
SHA512

091b3eefabd8a2b9a7fea0f433c180daca10c088de5703a9fc1cc394c5f0d87200c6fc0cbf92301505527adf4c206be622dc11206b25d9fa84c25985471a0dac
SSDEEP

3072:hBLqWy0hyo3yE/YU6IkZVjoVUitgTN+6SALFjjmkJXqnl138GK47B:hBLhb3yE/YpLPQUiGYLALFHjJXq73NT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1506356b7b4ee55d5b84f89a2b82d903_JaffaCakes118

Files

1506356b7b4ee55d5b84f89a2b82d903_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf13560f112ae1caded8eaaae1f4a12a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
IsDebuggerPresent
VirtualAlloc
HeapReAlloc
GlobalGetAtomNameW
SetUnhandledExceptionFilter
SetFilePointer
InitializeCriticalSection
GetDateFormatA
WriteFile
WriteConsoleA
GetOEMCP
HeapSize
GetLocaleInfoA
UnhandledExceptionFilter
LeaveCriticalSection
MultiByteToWideChar
LoadLibraryA
GetACP
EnumResourceNamesA
GetCurrentProcessId
TerminateProcess
IsValidCodePage
GetCPInfoExW
GetCurrentProcess
GetConsoleOutputCP
RtlUnwind
GetTimeFormatA
FreeLibrary
EnterCriticalSection
GetSystemTimeAsFileTime
GetCPInfo
RaiseException

shlwapi

SHCreateStreamOnFileA
PathIsContentTypeA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 90KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ