75ccb1d6acda4c4e3699e113ec85c6b1_JaffaCakes118 | Triage

Sharing

General

Target

75ccb1d6acda4c4e3699e113ec85c6b1_JaffaCakes118
Size

287KB
MD5

75ccb1d6acda4c4e3699e113ec85c6b1
SHA1

46601487f59c2541c3a2261d30d7f02934cee2f9
SHA256

09d06214b4129bf23f0ee0001011136c6b786de60ab46c47cc25273407d14703
SHA512

a087b09ef205b8c99bbd66aa77feefd017ddc8300b9abacb625a82bbf4d387198eb24f96ef9f9fb204d153c61b2b8a15d5810a43e4d35b3bbaa726f51c4275cd
SSDEEP

6144:fXA0P+lWaNXBr9YwrfhcS5Q7Uc8Fa8UgZflBMElhMmX4eR0s:j+7NXBr+wr5WQcca8UgZlBMElTGs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
75ccb1d6acda4c4e3699e113ec85c6b1_JaffaCakes118

Files

75ccb1d6acda4c4e3699e113ec85c6b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80d24e4393630c8401b4c410c9652f0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
FlushFileBuffers
GetEnvironmentStringsW
GetAtomNameA
WriteFile
FreeEnvironmentStringsA
FindFirstFileA
GetThreadLocale
IsBadReadPtr
UnhandledExceptionFilter
FreeLibrary
ReadFile
SetStdHandle
SetUnhandledExceptionFilter
SetFilePointer
EnumResourceNamesA
GetFileAttributesA
VirtualProtect
LCMapStringW
GetDiskFreeSpaceA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeA
LCMapStringA
GetCPInfo
LoadLibraryExW
GetOEMCP
CreateFileA
GetFullPathNameA
WideCharToMultiByte
MulDiv

shlwapi

DllGetVersion
PathIsContentTypeA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 149KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ