059bdabfd969340ee837697065b88359_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

059bdabfd969340ee837697065b88359_JaffaCakes118
Size

124KB
MD5

059bdabfd969340ee837697065b88359
SHA1

4f049dc6b554e3b64c2d55d45d4feb21fce38940
SHA256

d1e7da4dbca9b53fe4a51d2f5c81d4a4e2e52f57223b845da6b36fc00e70a623
SHA512

b2f189ccfccc5d638ec9cf8bfd72877cf3c696a0e49c1a2bc245e4b7cd872431e1e7272ed65a60643c47317af1cf0d6e06fde7395750f78de1707965a5801511
SSDEEP

1536:Vm/WFbaYwF/nvBi49Aqb1SsSVUVdFXU+ZTYQwffupWRQrzE/OIi4TzUO9:Q+FfgvbjQU/FX35mQEUGOi3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
059bdabfd969340ee837697065b88359_JaffaCakes118

Files

059bdabfd969340ee837697065b88359_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66820549b790f6f06c19e37fd2e0b9c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA

gdi32

GetCurrentObject

msvcrt

fgetwc
strtod
memset

comdlg32

GetSaveFileNameW

esent

JetBeginExternalBackup

advapi32

OpenSCManagerW

kernel32

RaiseException
InterlockedExchange
GetProcAddress
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
LocalFree
FileTimeToLocalFileTime
UnhandledExceptionFilter
DefineDosDeviceW
LocalAlloc
GetVersionExW
SetFileApisToOEM
GetEnvironmentStrings
ConvertFiberToThread
AllocConsole
GetWindowsDirectoryA
lstrcatA
GetBinaryTypeA
FindFirstFileW
GetLastError
FreeLibrary

msi

ord160

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

P4XXaG
Size: 24KB - Virtual size: 22KB