166d4b106ed6440d24da93f7ffe60a12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

166d4b106ed6440d24da93f7ffe60a12_JaffaCakes118
Size

305KB
MD5

166d4b106ed6440d24da93f7ffe60a12
SHA1

0aa6af93879264a7d86a72e03e80db0357dbcbdb
SHA256

1b9076ba7495f849ae6fed958d02c67f48b503a023ba6edc3e8179b02f282705
SHA512

b369bf9aaeaad594a9baaaf19d29f60de3c0497c838ce52e10dd857ed8def1687f43b6584cc861daf37afc3aa930b1db08addfc8da11953ef73cf73d3b1ffbe0
SSDEEP

6144:n0F2lnHHnHrLrLLrLrDfqlzy+MixKY1T4vErxTOyxTZ1C5RcXUjX:IU8u+M5CBOyxT/C5RcI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
166d4b106ed6440d24da93f7ffe60a12_JaffaCakes118

Files

166d4b106ed6440d24da93f7ffe60a12_JaffaCakes118
.exe windows:5 windows x86 arch:x86

51e77589b9e30c8dd691630044ca765c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelW
GetModuleHandleW
GetStringTypeW
GetACP
WriteConsoleW
VirtualAlloc
CreateSemaphoreW
GetProcessHeap
SetCurrentDirectoryA
GetStringTypeA
LoadLibraryA
CreateMailslotA
CreateFileMappingW
DeleteFileA
InitializeCriticalSection
SetEnvironmentVariableA
GetConsoleAliasA
FatalExit
CreatePipe
GetShortPathNameW
DeviceIoControl
DeleteFileA
DeleteFileA

mshtml

DllEnumClassObjects
ShowHTMLDialog
ShowModalDialog
ShowModelessHTMLDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE