65591c143ff9874958d9be269f2ec8d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65591c143ff9874958d9be269f2ec8d5_JaffaCakes118
Size

181KB
MD5

65591c143ff9874958d9be269f2ec8d5
SHA1

db3127ec9baa9622c5da3185acd9e75dc21ff10f
SHA256

2e92051b41d064b5742934dee9ef46ab6d00ed3ac051aa0d505e9d945609cab3
SHA512

7f3f78884c4ca3a1550d6621f7fc3d99d3ea33ee51b09bd6947541afbb5c35bde6f9a969f0df898aa23d9da6e47757765a84e884d825f994b6130b64ad1a44b4
SSDEEP

3072:hBLqWy0Ryo3yE/YU6IkZVjoVUitgTN+6SALFjjmkJXqnl138GK47B:hBLhr3yE/YpLPQUiGYLALFHjJXq73NT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65591c143ff9874958d9be269f2ec8d5_JaffaCakes118

Files

65591c143ff9874958d9be269f2ec8d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf13560f112ae1caded8eaaae1f4a12a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
IsDebuggerPresent
VirtualAlloc
HeapReAlloc
GlobalGetAtomNameW
SetUnhandledExceptionFilter
SetFilePointer
InitializeCriticalSection
GetDateFormatA
WriteFile
WriteConsoleA
GetOEMCP
HeapSize
GetLocaleInfoA
UnhandledExceptionFilter
LeaveCriticalSection
MultiByteToWideChar
LoadLibraryA
GetACP
EnumResourceNamesA
GetCurrentProcessId
TerminateProcess
IsValidCodePage
GetCPInfoExW
GetCurrentProcess
GetConsoleOutputCP
RtlUnwind
GetTimeFormatA
FreeLibrary
EnterCriticalSection
GetSystemTimeAsFileTime
GetCPInfo
RaiseException

shlwapi

SHCreateStreamOnFileA
PathIsContentTypeA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 90KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ