dd45f15aee4c412ffe455f15303da29c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd45f15aee4c412ffe455f15303da29c_JaffaCakes118
Size

490KB
MD5

dd45f15aee4c412ffe455f15303da29c
SHA1

00f05370cbb220a6fba4643f1bb87f63a518eaee
SHA256

c28d57a9ccdce23bfc0b76541f5ead7e1d9c30615032199feaa2c69bdc24e3aa
SHA512

472a068370413fd6857e277d5bb4cb7c33e01311c14820a74c3c338ad114ea73c34429912c30917b05041c61016a1eed3301a1cdcf862085b91d3fd58242ee5a
SSDEEP

12288:nSIH4/ykgemsBrC2E3c8CcVXIdQD7g7lKMG6HQ:nbQykg3sBdcEQI79BHQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd45f15aee4c412ffe455f15303da29c_JaffaCakes118

Files

dd45f15aee4c412ffe455f15303da29c_JaffaCakes118
.exe .pdf windows:4 windows x86 arch:x86 polyglot

1de833b658612a7e0ad70f2351d202a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
CreateDirectoryA
GetModuleFileNameA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleHandleA
GetStartupInfoA

shell32

ShellExecuteA
ShellExecuteExA
SHChangeNotify

msvcrt

_initterm
fclose
fwrite
fopen
sprintf
strrchr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
fflush
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 485KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ