78394e6d77a24c1f13fac02c8df80270_JaffaCakes118 | Triage

Sharing

General

Target

78394e6d77a24c1f13fac02c8df80270_JaffaCakes118
Size

116KB
MD5

78394e6d77a24c1f13fac02c8df80270
SHA1

5a4dc56b1477f8c842affbce3a84b75cee141ddc
SHA256

f211064317fa035b037fb81fbbec7ece0c946ddd3ce29558042d63012884039d
SHA512

db7c723ceb466d1700e88fb471c998309d5f0caf1dadb9376ba1b6e6c300b8ef9324a505ae5fd204785437ecc637ea9fdafe38670e9201f0ed0d0a7516395879
SSDEEP

1536:n02pVTuvieSH9Qpt8Wk/Z+6gCP+X+yAGk2Kq/QLNtCwjlTaMuLaeqsFm:n00VxBH9Qt8WeZLgCPRlG1ILJJulTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78394e6d77a24c1f13fac02c8df80270_JaffaCakes118

Files

78394e6d77a24c1f13fac02c8df80270_JaffaCakes118
.exe windows:5 windows x86 arch:x86

10caea903c3e55b55a3d4d56921f29b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
CreateSemaphoreW
SetVolumeLabelW
DeleteFileA
GetStringTypeA
GetModuleHandleW
GetACP
GetShortPathNameW
VirtualAlloc
SetEnvironmentVariableA
DeleteFileA
WriteConsoleW
DeviceIoControl
CreateFileMappingW
CreateMailslotA
GetConsoleAliasA
GetStringTypeW
SetCurrentDirectoryA
FatalExit
CreatePipe
DeleteFileA
LoadLibraryA
InitializeCriticalSection

mshtml

ShowModalDialog
ShowHTMLDialog
ShowModelessHTMLDialog
DllEnumClassObjects

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ