4bcc886d0d30c021ea4327166e4bdf85_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bcc886d0d30c021ea4327166e4bdf85_JaffaCakes118
Size

185KB
MD5

4bcc886d0d30c021ea4327166e4bdf85
SHA1

012bfcdbb66f73e497302eadcbc296a48329c26f
SHA256

a02739147ef1cd5f1becea69e4228f041f9b03b651041c38e1417cb980641074
SHA512

665ca01b8b145ba5b045962e3ca5a7255f82fcb061928e1f57fedfc90a40565887538fcbe2264a7bc5413254b26c1b4eeb410afd166b38a6715d2a0a1ec6aef9
SSDEEP

3072:KPaIGDUcTsMKzRSTV1c6LcEJIWVXXmdu/D7A8U0ykSmCA2wdHK6LgQycaQiuWf:K34USsBzRSTV1pLce7WdiDc8UECA2wML

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bcc886d0d30c021ea4327166e4bdf85_JaffaCakes118

Files

4bcc886d0d30c021ea4327166e4bdf85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e049f2a94471c9a6ce6fc5c5c242f975

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
ReadFile
GetThreadLocale
GetOEMCP
WideCharToMultiByte
SetFilePointer
VirtualProtect
GetStringTypeA
GetDiskFreeSpaceA
FlushFileBuffers
GetFullPathNameA
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
WriteFile
CreateFileA
GetEnvironmentStringsW
EnumResourceNamesW
LCMapStringA
FindFirstFileA
GetCPInfo
GetStringTypeExW
UnhandledExceptionFilter
GetFileAttributesA
GetEnvironmentStrings
LCMapStringW
IsBadCodePtr
IsBadReadPtr
FreeEnvironmentStringsW
GetStringTypeW
SetStdHandle
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathAppendA
PathIsContentTypeA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 95KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ