Static task
static1
Behavioral task
behavioral1
Sample
a4db6f8292a2d4657ed39146fdce750c_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a4db6f8292a2d4657ed39146fdce750c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a4db6f8292a2d4657ed39146fdce750c_JaffaCakes118
Size
177KB
MD5
a4db6f8292a2d4657ed39146fdce750c
SHA1
b756f90a13a6b51c2f36451d6bbbb9c661057515
SHA256
831c6a3707e204bb10a24f28bc541e1ce30314ef9c9dfa8d572d645f84716056
SHA512
50ae1cac25e597fc278701e139ba8debe5dbc17c6fea390dc066491cddf4a72205a64c2891a306e6509e58a53a5ef0af0684b212b8485abf243cfe500053126c
SSDEEP
3072:i1Cdf8jTOMzW3kALEBrlfIzAphbVLIrGCEnnwuQITWNU6TK/meQ3IleRnd:i1DVyBLEBrSkhUqC9uQgAUpeeQ3IO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a4db6f8292a2d4657ed39146fdce750c_JaffaCakes118
Files
a4db6f8292a2d4657ed39146fdce750c_JaffaCakes118.exe windows:4 windows x86 arch:x86
c54dfcf18b88dcb7cd2644d7b459ae93
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
wsprintfA
wsprintfW
msvfw32
ICOpen
ICClose
ICSendMessage
ICDecompress
ole32
StgCreateDocfile
StgOpenStorage
kernel32
GetCurrentProcessId
GetShortPathNameW
GetCurrentThreadId
UnhandledExceptionFilter
GetProcAddress
GetProcessTimes
SetUnhandledExceptionFilter
CreateFileA
EnumResourceTypesA
GetModuleHandleA
CloseHandle
GetLastError
ExitProcess
DeleteCriticalSection
LoadLibraryA
LocalFree
InitializeCriticalSection
IsDebuggerPresent
GetVersionExA
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 884B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ