a8dd62fe9aad33adab7a313c72cb32db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8dd62fe9aad33adab7a313c72cb32db_JaffaCakes118
Size

1.9MB
MD5

a8dd62fe9aad33adab7a313c72cb32db
SHA1

0e0a6b733ebf2710152bac732088838597c6f136
SHA256

4369bbebe5ccb1a40c3174f46bf72a6e320e064bbe59c32d35318bb60d1b7816
SHA512

9911ab6409918b36758f8b0bedc77fff37586a7085070415c03e3cf75c1fd13fbecec6357df2766543903789bdafae70e4c3ae39d0a33147989493d2262943b6
SSDEEP

49152:D9BoMPCK2BxriWAvwfbq3ahV2dhtPBqpbNC+CuA:hSMl2BZZAvwfWKb2dv7tH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8dd62fe9aad33adab7a313c72cb32db_JaffaCakes118

Files

a8dd62fe9aad33adab7a313c72cb32db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bef95d5808be05496836846b7816f123

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleacc

CreateStdAccessibleObject

kernel32

GlobalFindAtomA
UnhandledExceptionFilter
FoldStringW
GetStartupInfoA
QueryPerformanceCounter
GetProcessHeap
GetSystemTimeAsFileTime
LocalAlloc
GetCurrentProcessId
TerminateProcess
InterlockedExchange
EnumResourceLanguagesW
SetUnhandledExceptionFilter
GetCurrentProcess
GetLocaleInfoW
GetTickCount
VirtualProtect
GetPrivateProfileStructW
InterlockedCompareExchange
IsDebuggerPresent
GetCurrentThreadId
GetModuleHandleW
DeleteFileW

shlwapi

StrRetToBSTR
UrlCreateFromPathW
UrlUnescapeW
PathCreateFromUrlW
PathFindExtensionW
PathAppendW
PathRemoveFileSpecW
PathIsRelativeW
StrCmpIW
PathCombineW

Sections

.text
Size: 934KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ