946b122d342300e8c9d985dc284dc6c2_JaffaCakes118 | Triage

Sharing

General

Target

946b122d342300e8c9d985dc284dc6c2_JaffaCakes118
Size

181KB
MD5

946b122d342300e8c9d985dc284dc6c2
SHA1

b330278a2509ce87abc07566200a1686bd2ed617
SHA256

50506a34c9acffd8f387aa5a85891f91766bff967d3fa296bdb66340631f811d
SHA512

8cb8ed17c6cd4ad4a863d262762aaa304cbb752f34d2729aca2cb28d1f72500af9385fa8441f0e9ffbf185ff55ce774e5e040aca94cb9ef2e14c0933c4b70c18
SSDEEP

3072:riQYHtfmYdjNwRd+83dxyWZJDSGgajfXTFn/9lvmuUf9P84YEko7:jkg53d1ZNSGgWbdV9pUNDYEko7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
946b122d342300e8c9d985dc284dc6c2_JaffaCakes118

Files

946b122d342300e8c9d985dc284dc6c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3265e5f08da41f4e1b9d40d9563f528f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetShortPathNameW
GetProcAddress
GetModuleHandleA
GetLastError
GetProcessTimes
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentProcessId
IsDebuggerPresent
IsBadWritePtr
FreeLibrary
LocalFree
GetThreadLocale
CloseHandle
MultiByteToWideChar
EnumResourceTypesA
lstrlenA
InitializeCriticalSection
CreateFileA
ExitProcess
IsBadReadPtr
lstrlenW
UnhandledExceptionFilter
DeleteCriticalSection
LoadLibraryA
GetVersionExA

msvfw32

ICClose
ICOpen
ICSendMessage
ICDecompress

user32

wsprintfA
wsprintfW

ole32

StgCreateDocfile
StgOpenStorage

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ