Static task
static1
Behavioral task
behavioral1
Sample
bb70a05349e9cc1ed724b25ad2254002_JaffaCakes118.exe
Resource
win7-20241023-en
General
Target
bb70a05349e9cc1ed724b25ad2254002_JaffaCakes118
Size
307KB
MD5
bb70a05349e9cc1ed724b25ad2254002
SHA1
bf38250d5393797f86428a68e74082cbb93ce3f4
SHA256
3ca919091b0eabc0e968e60f78c62d30a9f0ba80770f159d247bf833f92ae6e2
SHA512
7f859a6bacf23e729c7b7fd8c79300c036f3c087df1f94b281aafa78379dbe4329cd232b0971a13245829b21c7aaeea0dcf08bbe9e777f5ccf721e3defbe1756
SSDEEP
6144:78AF6g/s2H9nyUvOWy9O8fV14/wLbjCFh2O1DMhBA2AtY5rR/WMzZPw:7v6g/BdyaOWywu14/wLbjCFh2oQAC5rW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb70a05349e9cc1ed724b25ad2254002_JaffaCakes118
Files
bb70a05349e9cc1ed724b25ad2254002_JaffaCakes118.exe windows:4 windows x86 arch:x86
8a791bbeaa3569e7e8cdbdfddf41c84f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
GetEnvironmentStrings
GetFullPathNameA
WriteFile
GetAtomNameA
LCMapStringW
GetFileAttributesA
IsBadReadPtr
SetFilePointer
GetOEMCP
GetEnvironmentStringsW
GetCPInfo
FlushFileBuffers
VirtualProtect
EnumResourceNamesA
GetDiskFreeSpaceA
FreeLibrary
UnhandledExceptionFilter
IsBadCodePtr
LCMapStringA
FreeEnvironmentStringsW
GetThreadLocale
ReadFile
GetStringTypeW
FreeEnvironmentStringsA
FindFirstFileA
WideCharToMultiByte
LoadLibraryExW
SetUnhandledExceptionFilter
CreateFileA
MulDiv
shlwapi
SHCreateStreamOnFileW
PathIsContentTypeA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathCreateFromUrlW
rpcrt4
RpcStringFreeA
Sections
.text Size: 151KB - Virtual size: 314KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ