164d58d048316ef4a8872f246a720a30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

164d58d048316ef4a8872f246a720a30_JaffaCakes118
Size

118KB
MD5

164d58d048316ef4a8872f246a720a30
SHA1

f69ceeefcb2175917e5123bb0ce8a691b6a462be
SHA256

b6ed8b5967003324d360257ac46af873d0fca917932119ce4e443e561c8f8769
SHA512

721575a68500fac3ba9b5d51f6c77c511a116703d7c17a11bc03c13c23e3d328529f982b4c860cf5a39ebdb87145e413543f50fdff2f5fd34b45fc8d9fd652b6
SSDEEP

3072:JsPumis9qNmThMc44NnkS8mWTJPCIYhFXXXXXXXXXXlcx8Vz0vXHX:J2/2NM04dkShW0IYHXXXXXXXXXXGxxv3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
164d58d048316ef4a8872f246a720a30_JaffaCakes118

Files

164d58d048316ef4a8872f246a720a30_JaffaCakes118
.exe windows:5 windows x86 arch:x86

925f5ca4273dcc4e4f472ef734affe5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
DeviceIoControl
GetACP
DeleteFileA
InitializeCriticalSection
VirtualAlloc
GetStringTypeW
SetEnvironmentVariableA
CreatePipe
GetConsoleAliasA
GetModuleHandleA
GetProcessHeap
InterlockedExchange
DeleteFileA
CreateSemaphoreW
GetShortPathNameA
DeleteFileA
FatalExit
WriteConsoleW
GetModuleHandleW
SetCurrentDirectoryA
CreateMailslotA
SetVolumeLabelA

mshtml

ShowModelessHTMLDialog
ShowModalDialog
DllEnumClassObjects
ShowHTMLDialog

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrs
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ