2569998f1139a5d410130c72160ee2c2_JaffaCakes118 | Triage

Sharing

General

Target

2569998f1139a5d410130c72160ee2c2_JaffaCakes118
Size

118KB
MD5

2569998f1139a5d410130c72160ee2c2
SHA1

c6486d0877dbea287bb94c50512cb91b31ee75f4
SHA256

3059947e9e02143a2c27a0a1dd510030bdfefbdb0d44c3aed2dac4a820ea0a5b
SHA512

4c89074cd619a867bdf8d8104f8b788f535ba710d426a13e8e9004166003f658f1e88aed477a04aeb350aaa3c96f42e9517e453cf7371eea1e602318c117b1a7
SSDEEP

3072:l0eYi/tgUb5ndNkkxDtduniWFd79rh1EuJrZA0:l39b5nd6WDvuni67/h4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2569998f1139a5d410130c72160ee2c2_JaffaCakes118

Files

2569998f1139a5d410130c72160ee2c2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

281cfe47f730c03cb59fa6f17862892b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
CreateFileMappingW
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSection
GetConsoleAliasA
GetProcessHeap
GetModuleHandleW
SetEnvironmentVariableA
CreateSemaphoreW
VirtualAlloc
SetVolumeLabelA
GetACP
FatalExit
CreateMailslotA
DeleteFileA
InterlockedExchange
GetShortPathNameW
DeleteFileA
GetModuleHandleA
DeviceIoControl
DeleteFileA
CreatePipe

mshtml

ShowModalDialog
ShowHTMLDialog
ShowModelessHTMLDialog
DllEnumClassObjects

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrs
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.afdr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ