23c1e266f9855c6c20f381f7284d645d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23c1e266f9855c6c20f381f7284d645d_JaffaCakes118
Size

284KB
MD5

23c1e266f9855c6c20f381f7284d645d
SHA1

368aa881601798fcc08b69682b041bf7186a6c2c
SHA256

7891ff9c3aa28e47cb6229c4e7b1cc869952b9ac6c368ee4e19e43990f6b3e7f
SHA512

ab69322a40b1e407cf2d2494fffc735295ae2210a13e50dd7a6b5d14a29b4dd15ad176d6a6f85c30c66b68d07c7b73b6e47142e66daa5d1989c944874121e98f
SSDEEP

6144:Gr0gmWUYm7mpyjb/4r5ZloeGfb2LC09zkjeqzXZZR:Gr07YUjbgloesb2LCMBqzPR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23c1e266f9855c6c20f381f7284d645d_JaffaCakes118

Files

23c1e266f9855c6c20f381f7284d645d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69bf590af85bc8b0a0a183930d5446db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalFindAtomA
IsBadCodePtr
FlushFileBuffers
GetDiskFreeSpaceA
SetFilePointer
GetFileAttributesA
GetEnvironmentStrings
GetOEMCP
GetStringTypeA
GetCPInfo
LCMapStringW
FreeEnvironmentStringsA
LCMapStringA
CreateFileA
ReadFile
GetFullPathNameA
EnumResourceNamesA
FindFirstFileA
SetStdHandle
GetStringTypeW
WideCharToMultiByte
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetThreadLocale
GetStringTypeW
IsBadReadPtr
GetEnvironmentStringsW
WriteFile
VirtualProtect
SetUnhandledExceptionFilter
MulDiv

shlwapi

SHGetInverseCMAP
SHCreateStreamOnFileEx
PathAppendA
PathIsFileSpecA
PathIsContentTypeA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 138KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ