Static task: static1
Behavioral task: behavioral1
Sample: 5c15e2f05bb863046aa2e952806a7d7e_JaffaCakes118.exe
Resource: win7-20240705-en
General
Target: 5c15e2f05bb863046aa2e952806a7d7e_JaffaCakes118
Size: 272KB
MD5: 5c15e2f05bb863046aa2e952806a7d7e
SHA1: 3d0b392bcde20ed3051304ca5d9117c0b40fca12
SHA256: 666f1359d0f2873b30f193c68de47986a03e1350d9f5829715e9b2f8b29548cf
SHA512: e1e454576bf679dd28d919f349c0239e700698723b1188612ab18b6660aa69612b3640777eee7f24bc7f557cc0477741613479c6c7d936e05ed51415ade84f8f
SSDEEP: 6144:Br+/WtfQGZ8AIrCnPO3RO+G0adLbWDN9wvfdHlSd3UpKNeJRLm:tLosI+PO3TG0WbWDNKvtlSdkZrL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5c15e2f05bb863046aa2e952806a7d7e_JaffaCakes118
Files
5c15e2f05bb863046aa2e952806a7d7e_JaffaCakes118.exe windows:4 windows x86 arch:x86
35e04348cfb7b777c969c789c3cdd211
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapSize
IsValidCodePage
GlobalGetAtomNameW
GetCPInfo
GetLocaleInfoA
FreeLibrary
GetTimeFormatA
SetFilePointer
RtlUnwind
WriteConsoleA
EnumResourceNamesA
GetConsoleOutputCP
InitializeCriticalSection
GetOEMCP
LoadLibraryA
GetDateFormatA
MultiByteToWideChar
GetCPInfoExW
VirtualAlloc
HeapReAlloc
SetStdHandle
GetACP
RaiseException
shlwapi
SHCreateStreamOnFileA
PathAppendA
PathIsFileSpecA
PathIsContentTypeA
SHCreateStreamOnFileEx
PathCreateFromUrlW
occache
FindControlClose
Sections
.text Size: 133KB - Virtual size: 268KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 137KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ