880d560f45ee430ec7467e22736c243b_JaffaCakes118 | Triage

Sharing

General

Target

880d560f45ee430ec7467e22736c243b_JaffaCakes118
Size

144KB
MD5

880d560f45ee430ec7467e22736c243b
SHA1

d4e10ddf812d5d4d3f5ccd20957e3f5061b3ccf3
SHA256

7587a0de9292b7b865cba968ca09004ce66189eaef10027b3f492ebebd7e033e
SHA512

ee14016d6f4a7c6311daae29b7d15ecdcb98e53206139ad2d2be8ccf7195054a2c279e6b27451d3d51917fd364f367dd0594e12ef00d2ce3ec72a1b38c81a7a9
SSDEEP

3072:o7gvztPLHChSAxGBmkj6RFkFDWjPfsZBgylNpKndt:o7ckSco60FDWjP2BvlNp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
880d560f45ee430ec7467e22736c243b_JaffaCakes118

Files

880d560f45ee430ec7467e22736c243b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0786b0d844eb4fc356e27e09b086b8c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset

urlmon

URLDownloadToCacheFileW

comctl32

ImageList_LoadImageA

ole32

CoGetMalloc
RegisterDragDrop

gdi32

EndPath

shlwapi

PathGetCharTypeW

user32

GetLastActivePopup
GetThreadDesktop
GetInputState

kernel32

GetThreadId
FindFirstVolumeW
GetVersion
FreeConsole
GetConsoleCP
GetPriorityClass
GlobalMemoryStatusEx

oleaut32

VarCyFromUI4

netapi32

NetShareCheck

shell32

DoEnvironmentSubstW

wininet

FindNextUrlCacheEntryExA

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ