315f05a699d106aeceff7fbe18f1e8ef_JaffaCakes118 | Triage

Sharing

General

Target

315f05a699d106aeceff7fbe18f1e8ef_JaffaCakes118
Size

273KB
MD5

315f05a699d106aeceff7fbe18f1e8ef
SHA1

48ffa1e5b65af819bbe14b474ee1642de3c8f3c9
SHA256

73c6256969f87a5b2a9077658a48bf50c2cef9210c6add9b30283e23bd5b1a6a
SHA512

ffc31b973ca8ccb042df37257aad2d9c8bf625409acc1cc2e61a44a01c38ee51770ec721d3146cad9df5f0816ad577514a1c81a1c76b9ad282f9a8676b3dad4c
SSDEEP

3072:vcQXDCn38AHhgMBm4H8J6lTCs7vlIrkMLT5vIBF+jyvuK7zGMGLk/eaUH/BwyyyW:vYnMEhnPvrh0/5vQyyvuK1GpHJwAo1t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
315f05a699d106aeceff7fbe18f1e8ef_JaffaCakes118

Files

315f05a699d106aeceff7fbe18f1e8ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cf13fe9dc80773c598a9715136685ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GlobalGetAtomNameW
LeaveCriticalSection
FreeLibrary
GetLocaleInfoA
IsValidCodePage
LoadLibraryA
MultiByteToWideChar
IsDebuggerPresent
GetCurrentProcessId
SetStdHandle
HeapSize
GetCurrentProcess
GetACP
TerminateProcess
GetDateFormatA
WriteFile
EnumResourceNamesA
SetFilePointer
GetCPInfo
GetConsoleOutputCP
GetCPInfoExW
RtlUnwind
WriteConsoleA
EnterCriticalSection
GetTimeFormatA
UnhandledExceptionFilter
VirtualAlloc
GetOEMCP
HeapReAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
RaiseException

rpcrt4

RpcStringFreeA

shlwapi

SHCreateStreamOnFileA
PathIsFileSpecA
PathAppendA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathCreateFromUrlW

Sections

.text
Size: 135KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ