Static task: static1
Behavioral task: behavioral1
  Sample: 23a2871761416d6393676ba921cb2bf2_JaffaCakes118.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 23a2871761416d6393676ba921cb2bf2_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 23a2871761416d6393676ba921cb2bf2_JaffaCakes118
Size: 177KB
MD5: 23a2871761416d6393676ba921cb2bf2
SHA1: 9bb3d8ea53c40e16f486248471adb743b7175c6a
SHA256: 5404980883f6e59facd108fad8d307793a0965e047d483eb5a0445c41085112c
SHA512: 8bbe4dcfba779bf2386f89792ae6583aae69e4bd78cf6b11fb97968af04c1db30f7a510a917077187fe40cf0734c95e5beccd9bc0c90225206aafaf58d6edcd2
SSDEEP: 3072:3JDH3MDn1XMPJ6s72wtkBHgLC91ZT3QGdZpm9yefjwqWhJ6l2J8SlR+1Ke9mPhw:3N2n1XQ6s7ntAYC91ZT39dZpYdjZCw2a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 23a2871761416d6393676ba921cb2bf2_JaffaCakes118
Files
23a2871761416d6393676ba921cb2bf2_JaffaCakes118.exe windows:4 windows x86 arch:x86
d411e21194c4e2e135f28fd5966ca2a2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
  MultiByteToWideChar
  GetLocaleInfoA
  WriteConsoleA
  GlobalGetAtomNameW
  SetStdHandle
  GetDateFormatA
  TlsSetValue
  GetTimeFormatA
  GetConsoleOutputCP
  VirtualAlloc
  TlsAlloc
  TlsGetValue
  EnumResourceNamesA
  IsValidCodePage
  GetACP
  GetCPInfo
  GetCPInfoExW
  HeapReAlloc
  HeapSize
  GetOEMCP
  RtlUnwind
  SetFilePointer
  RaiseException
occache:
  FindControlClose
shlwapi:
  SHCreateStreamOnFileA
  PathIsFileSpecA
  PathIsContentTypeA
  PathAppendA
  SHCreateStreamOnFileEx
  PathCreateFromUrlW
Sections
.text Size: 90KB - Virtual size: 478KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 900B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 84KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ