Static task
static1
Behavioral task
behavioral1
Sample
1b8917cdc8db198d86e2e26070a26c80_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1b8917cdc8db198d86e2e26070a26c80_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
1b8917cdc8db198d86e2e26070a26c80_JaffaCakes118
Size
165KB
MD5
1b8917cdc8db198d86e2e26070a26c80
SHA1
609b4fcfe2abade42c8882535c00ddccf09757a6
SHA256
a5d6215af53a472edc7bf6b6a4b1574c5ddc0da6897ecc9dd024e70ce62833c3
SHA512
d3a896e182e76192c8644cae4034372e9fd7e842a505eea5730d2f5521adc400289cc9f6226ebf0bd23df7b33b6623ea3d1561882b7cada89694a5b6ec7ff815
SSDEEP
3072:hIHo0hr07tcWTgQWuMIE2TJV4yutD5628u+K9oMeqFdxeme0RN:yZR055WdIz1038nK9oMeqF3rRN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1b8917cdc8db198d86e2e26070a26c80_JaffaCakes118
Files
1b8917cdc8db198d86e2e26070a26c80_JaffaCakes118.exe windows:4 windows x86 arch:x86
c67f97a08deada494592ed5e4aa55f8a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GlobalGetAtomNameW
HeapReAlloc
WriteConsoleA
VirtualAlloc
GetACP
MultiByteToWideChar
LoadLibraryA
GetCPInfo
SetStdHandle
EnumResourceNamesA
HeapSize
GetDateFormatA
GetConsoleOutputCP
SetFilePointer
GetCPInfoExW
FreeLibrary
GetOEMCP
IsValidCodePage
GetTimeFormatA
InitializeCriticalSection
GetLocaleInfoA
RaiseException
occache
FindControlClose
shlwapi
SHCreateStreamOnFileA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathIsContentTypeA
PathAppendA
PathCreateFromUrlW
Sections
.text Size: 82KB - Virtual size: 481KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ