Static task: static1
Behavioral task: behavioral1
Sample: 937429a9c26977212d83445a664adf99_JaffaCakes118.exe
Resource: win7-20241023-en
General
Target: 937429a9c26977212d83445a664adf99_JaffaCakes118
Size: 272KB
MD5: 937429a9c26977212d83445a664adf99
SHA1: c63633092a0d04ebe37a5f8f7f93af1c96b713e2
SHA256: 2604257ab0f27eab3e1dba70c924bb07d59836d0061ca22966dbc65333b98beb
SHA512: 7f026a0abb7423eebd9efa55fe3f5116551d4ebd1bc2f53a83532579bc926c98b3d10bde04df2bba19b36be8ddff0638e9df9a8da38952916eac0459bb8239e2
SSDEEP: 6144:Br+gWtfQGZ8AIrCnPO3RO+G0adLbWDN9wvfdHlSd3UpKNeJRLm:tQosI+PO3TG0WbWDNKvtlSdkZrL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 937429a9c26977212d83445a664adf99_JaffaCakes118
Files
937429a9c26977212d83445a664adf99_JaffaCakes118.exe windows:4 windows x86 arch:x86
35e04348cfb7b777c969c789c3cdd211
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapSize
IsValidCodePage
GlobalGetAtomNameW
GetCPInfo
GetLocaleInfoA
FreeLibrary
GetTimeFormatA
SetFilePointer
RtlUnwind
WriteConsoleA
EnumResourceNamesA
GetConsoleOutputCP
InitializeCriticalSection
GetOEMCP
LoadLibraryA
GetDateFormatA
MultiByteToWideChar
GetCPInfoExW
VirtualAlloc
HeapReAlloc
SetStdHandle
GetACP
RaiseException
shlwapi
SHCreateStreamOnFileA
PathAppendA
PathIsFileSpecA
PathIsContentTypeA
SHCreateStreamOnFileEx
PathCreateFromUrlW
occache
FindControlClose
Sections
.text Size: 133KB - Virtual size: 268KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 137KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ