d8d429f967e2119013210ef155571d1a_JaffaCakes118 | Triage

Sharing

General

Target

d8d429f967e2119013210ef155571d1a_JaffaCakes118
Size

172KB
MD5

d8d429f967e2119013210ef155571d1a
SHA1

1f04289404930e79583345fd555d36f54d13e709
SHA256

580ffa3d517ceb84f517877492ff44416ba1418d746fe676fb7b7ddb97b5e2a6
SHA512

9109f865dac4310bc33fdf6fa6c098829334a642638f0031041e551f40d3240fac4c63f353c92372a662985231cccc6f235eb452508c9f601df0f5e5034afb34
SSDEEP

3072:Pgqw8FIL6q4hrpvB5KMcpnK2W5HoA9jtxG6fgYA31UBrKws:Pgqw8FIL6nxdKM2KfHHjnIxOBDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8d429f967e2119013210ef155571d1a_JaffaCakes118

Files

d8d429f967e2119013210ef155571d1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a81f86dedb590ef013f7fb22a3106102

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

oleacc

CreateStdAccessibleObject

kernel32

IsDebuggerPresent
GetCurrentThreadId
SetUnhandledExceptionFilter
GlobalFindAtomW
QueryPerformanceCounter
GetStartupInfoA
FoldStringW
VirtualProtect
GetCurrentProcessId
GetModuleHandleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
EnumResourceLanguagesA
LocalAlloc
GetSystemTimeAsFileTime
GetProcessHeap
GetPrivateProfileSectionW
GetTickCount
GetLocaleInfoW
InterlockedCompareExchange
InterlockedExchange
DeleteFileW

shlwapi

GetAcceptLanguagesA
PathRemoveFileSpecW
PathFindExtensionW
PathCreateFromUrlW
UrlUnescapeW
StrCmpIW
PathAppendW
PathIsRelativeW
UrlCreateFromPathW
PathCombineW

Sections

.text
Size: 86KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ