ea747951cdbda0d797fc0d6859a5e1db_JaffaCakes118 | Triage

Sharing

General

Target

ea747951cdbda0d797fc0d6859a5e1db_JaffaCakes118
Size

119KB
MD5

ea747951cdbda0d797fc0d6859a5e1db
SHA1

8f495e1a02e03261e173acf5e0558faa47b3a61b
SHA256

2109a7cf6ff4fa94a4b7a599c898d7938d6dbcfb13d7c0e06259d48afcb38215
SHA512

b1e00abb0b3b5f23431bc952533786efc1432006a024a418f72f9ae88514ae18f55c63bf7c03c56c24e2d6912f986100718d2247be0ca7a9bdc46befc2d68beb
SSDEEP

3072:slP2GdQ/mRziJteCuvIeq/gHQwCXHePHZ:NGdSmsJt9uv0UX7v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea747951cdbda0d797fc0d6859a5e1db_JaffaCakes118

Files

ea747951cdbda0d797fc0d6859a5e1db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e8bcdd0b7e42d5c0b52db2cbb7da885d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetShortPathNameW
FatalExit
GetModuleHandleW
VirtualAlloc
CreateMailslotA
GetModuleHandleA
SetVolumeLabelA
GetProcessHeap
CreateFileMappingW
DeleteFileA
InitializeCriticalSection
GetConsoleAliasA
GetACP
DeviceIoControl
CreateSemaphoreW
DeleteFileA
SetEnvironmentVariableA
WriteConsoleW
SetCurrentDirectoryA
DeleteFileA
InterlockedExchange
CreatePipe

mshtml

ShowModelessHTMLDialog
ShowHTMLDialog
ShowModalDialog
DllEnumClassObjects

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrs
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.afdr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ