7715f9cfebe1367ad60da55d8dbd9b72_JaffaCakes118 | Triage

Sharing

General

Target

7715f9cfebe1367ad60da55d8dbd9b72_JaffaCakes118
Size

185KB
MD5

7715f9cfebe1367ad60da55d8dbd9b72
SHA1

36fe10d10dea306e55eb5256dd56c6e57b6775e1
SHA256

3fb26a1fcdd781b84bc0ecc48c9c1629cce5b5ace60f6d7f701b73337df82b41
SHA512

366edec51c8281c9d03203aeaa49d4a74d3a6d8185c4cfbe2fde49b10352812af7398bf27c79a8e0e3a076b9eb43c86f57260cc8e56bd11a14670ae1e2481923
SSDEEP

3072:vSiG1rMlP63CzKG8KeYSDW0omdGw3e4hObtlr/AgBDdKS6NUn:vdG1rMlS3trZYeWRmpOT3Vdp6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7715f9cfebe1367ad60da55d8dbd9b72_JaffaCakes118

Files

7715f9cfebe1367ad60da55d8dbd9b72_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e32f239331fbb02705b291772417ca85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharUpperA
IsCharLowerA

shlwapi

StrToIntA
PathStripPathW

kernel32

GetModuleHandleA

Exports

Exports

?CryptCloseAsyncHandleA@567GPAUHINSTANCE__@@U_COMMPROP@@?F
?CryptCloseAsyncHandleW@567GPAUHINSTANCE__@@U_COMMPROP@@?F
?FormatIDImageInformationA@567GPAUHINSTANCE__@@U_COMMPROP@@?F
?FormatIDImageInformationW@567GPAUHINSTANCE__@@U_COMMPROP@@?F

Sections

BSS
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ