975955d41492f0a6588f97da8b12d6a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

975955d41492f0a6588f97da8b12d6a2_JaffaCakes118
Size

177KB
MD5

975955d41492f0a6588f97da8b12d6a2
SHA1

c5d53da17f6740e592788797dbcaf6ddaa0e5618
SHA256

fdc9ab44e16415f0388fb29e076e395c2a5d367411b34f349b627354a1e5490e
SHA512

038d7cce20a3f4084451bc8eb8bcce7a93bce65efc54494226519c49af24cb0c27c1804b4f0775c768e97e1c46dc9dc6634a7d443cc15b86115ac78367db1c40
SSDEEP

3072:FssbqiYFLPZ1Ycux7cvykZIQeTKBzupWjPdkHDn/0Rkefz7jJ5nn8lSyx82p75MJ:CsGSNcvyvQ/cdjokefzXJtn8lSyx82ps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
975955d41492f0a6588f97da8b12d6a2_JaffaCakes118

Files

975955d41492f0a6588f97da8b12d6a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5951dc454fc84e06e7145960f8b999e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
StgOpenStorage

msvfw32

ICOpen
ICClose
ICSendMessage
ICDecompress

user32

wsprintfA
wsprintfW

kernel32

InitializeCriticalSection
GetModuleHandleA
GetShortPathNameW
IsDebuggerPresent
LocalFree
LoadLibraryA
GetProcessTimes
DeleteCriticalSection
EnumResourceTypesA
UnhandledExceptionFilter
GetCurrentProcessId
SetUnhandledExceptionFilter
ExitProcess
CreateFileA
CloseHandle
GetProcAddress
GetCurrentThreadId
GetLastError
GetVersionExA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ