e0e79865361fdb4f053f245bf6ae0555_JaffaCakes118 | Triage

Sharing

General

Target

e0e79865361fdb4f053f245bf6ae0555_JaffaCakes118
Size

177KB
MD5

e0e79865361fdb4f053f245bf6ae0555
SHA1

d4ae9140ae1b3289bfc728a0730d1e3645bdd050
SHA256

458bfef45ad8cde63e8c804e95c38f1013ac7adb15e522b9127bc54c52fd39bd
SHA512

d4d7fd0978c1cc2e0a742006568304bb4771bed4363a16e7f667e2d7370e76a204c015a57924aa4fe04d21c0d96da8ad9f63714f950261700c3c8de2cadc2858
SSDEEP

3072:vazL6x7laEmOwjYzUAcyXtRflxzmA2J5d1msUZjEU6l:veL6QDEzJFrWQssjHM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0e79865361fdb4f053f245bf6ae0555_JaffaCakes118

Files

e0e79865361fdb4f053f245bf6ae0555_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e6d3e79ffeec1c8e4217fa5206f90a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

rpcrt4

NdrConformantArrayFree
UuidCreate

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

TlsFree
HeapReAlloc
GetAtomNameW
IsBadWritePtr
GetEnvironmentStrings
WriteFile
WideCharToMultiByte
FreeEnvironmentStringsA
HeapDestroy
GetCurrentThread
HeapCreate
SetFilePointer
VirtualFree
SetLastError
GetModuleFileNameA
IsBadCodePtr
GetStdHandle
GetEnvironmentVariableA
EnumResourceNamesA
GetStartupInfoA
SetUnhandledExceptionFilter
IsBadStringPtrW
FatalAppExitA
IsBadReadPtr
VirtualAlloc
GetEnvironmentStringsW
SetHandleCount
TlsGetValue
FreeEnvironmentStringsW
GetCPInfo
UnhandledExceptionFilter
TlsAlloc
GetFileType
TlsSetValue

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ