724c11e2902e08acf9c3fea0daa57331_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

724c11e2902e08acf9c3fea0daa57331_JaffaCakes118
Size

189KB
MD5

724c11e2902e08acf9c3fea0daa57331
SHA1

11a75000909907bc2c5e15caa4985fb3487715a1
SHA256

b6ec377a80b3406e6c143682d23079e43c06dcbdc216b2eed307d0f37dd81dc7
SHA512

1131ea2e39d90a8fc0c2bc640dd542dcbbbecc69f0fa9e675678432776e1a4d0dcfeb370248318a756f590a72ba54c6860339c6c22ffe6dd5add176dd6245316
SSDEEP

3072:Dcv58Llo4rLwWoXtlSTzGc4xgvW/FwX68rQxfLYr0xyaKNhcB8gPuWx7V:Dcv58LX3wWoXtiGTwXXQ4NSPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
724c11e2902e08acf9c3fea0daa57331_JaffaCakes118

Files

724c11e2902e08acf9c3fea0daa57331_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36fd18533ee6c85e83d6121ca6501da3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetDiskFreeSpaceA
UnhandledExceptionFilter
GetAtomNameA
SetStdHandle
LoadLibraryExW
GetOEMCP
FreeLibrary
GetThreadLocale
FlushFileBuffers
CreateFileA
SetUnhandledExceptionFilter
LCMapStringW
EnumResourceNamesA
SetFilePointer
GetEnvironmentStrings
FreeEnvironmentStringsW
GetCPInfo
GetEnvironmentStringsW
WideCharToMultiByte
FindFirstFileA
VirtualProtect
GetFileAttributesA
GetStringTypeW
IsBadReadPtr
FreeEnvironmentStringsA
ReadFile
LCMapStringA
IsBadCodePtr
WriteFile
MulDiv

shlwapi

SHCreateStreamOnFileW
SHCreateStreamOnFileEx
PathIsContentTypeA
PathAppendA
PathIsFileSpecA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 102KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ