1855f2c07568400e95f6489d2ccc9dad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1855f2c07568400e95f6489d2ccc9dad_JaffaCakes118
Size

134KB
MD5

1855f2c07568400e95f6489d2ccc9dad
SHA1

2e1f160284d033f505d31a0d4a7602d6a7153063
SHA256

249e008134af20b6b11a582e5742458fbaa025e959c6ee1f356bb6d93e2b3005
SHA512

46460e8495fd89ab526bc5a3f7c457dcf44652fb5971562205bca0ae459cddb5565a2d98ac7beb036d728851ab70a89fde0e0c4070f2e1e83a6b05d1ac2d0e03
SSDEEP

3072:f+qiuLnShhLZLyPZGHLll65WQdxMyIA6LN2T:fPiuLnmZLyml6BMyddT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1855f2c07568400e95f6489d2ccc9dad_JaffaCakes118

Files

1855f2c07568400e95f6489d2ccc9dad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0974c18e90ca46443db8198ac5b4500a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCompactPathExA
StrCmpLogicalW
StrCmpNIA

kernel32

GetModuleHandleW
lstrlenW
GetSystemDirectoryA

Exports

Exports

?CoolerOptions@[SXH_KK]V
?GetImpersunt@[SXH_KK]V

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xsys
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ