Static task: static1
Behavioral task: behavioral1
Sample: 5d71a49921643623a328afac4a33f9fd_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5d71a49921643623a328afac4a33f9fd_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5d71a49921643623a328afac4a33f9fd_JaffaCakes118
Size: 175KB
MD5: 5d71a49921643623a328afac4a33f9fd
SHA1: bc5674d318bef0b77ca29070c2b06daddc2aa579
SHA256: 1720780ec09b55bffdcba361cb96f99f6d00f5c7014ea919db766eaa06350eda
SHA512: 8983c295fe3840162bad2de6aba61e6990acfa46460a0d31c6453f1fecc6dc10c3c7e3ca83ccb4e6abf18144e2d6ce50f38cd59b06c59d6638dd13daee4aab37
SSDEEP: 3072:D5iWyjLteKfqKheuUk9PH3e+Si4KSEbfcVBecS7H+fHt5z:DoTg2bhei/SXc4FKHSHTz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5d71a49921643623a328afac4a33f9fd_JaffaCakes118
Files
5d71a49921643623a328afac4a33f9fd_JaffaCakes118.exe windows:4 windows x86 arch:x86
d57136fca84f4c054a59fcdc766b44c6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeFormatA
GetLocaleInfoA
GetAtomNameW
VirtualAlloc
GetConsoleOutputCP
TlsAlloc
GetACP
SetFilePointer
GetCPInfo
GetOEMCP
SetStdHandle
TlsSetValue
EnumResourceNamesA
MultiByteToWideChar
IsValidCodePage
WriteConsoleA
GetDateFormatA
GetCPInfoExA
HeapSize
HeapReAlloc
TlsGetValue
RtlUnwind
RaiseException
shlwapi
UrlUnescapeW
PathIsFileSpecW
PathAppendW
SHCreateStreamOnFileEx
PathIsContentTypeW
PathCreateFromUrlA
occache
FindControlClose
Sections
.text Size: 83KB - Virtual size: 475KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 888B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ