JaffaCakes118_602d418ee7d1dafc3e56b55682e2c27b | Triage

Sharing

General

Target

JaffaCakes118_602d418ee7d1dafc3e56b55682e2c27b
Size

119KB
MD5

602d418ee7d1dafc3e56b55682e2c27b
SHA1

5623f4eb59468c7814526acc21a2f25ab62cac9f
SHA256

65761f49fde73675099407d0ab368c0a91662a496341351d9b6e78c08ceaeba7
SHA512

ae918d36231d92f4ae81fa1f92bbd6fe804692b352f60bc519e3e0639302f4e625aa927a81c08d3a764b50eac51e1230ca823c9660db113a2ad68802c337a95e
SSDEEP

1536:yYW4aUbqemPGIVB6dFi4gzeiQtmRUFDnnB4FDK+muIN4Vhvrc8GhOSUQDgej:yYD6tPmdczJ6nB4FKII4rZGh9gm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_602d418ee7d1dafc3e56b55682e2c27b

Files

JaffaCakes118_602d418ee7d1dafc3e56b55682e2c27b
.exe windows:5 windows x86 arch:x86

85ee166f860e45afc104c1781217b34d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
DeleteFileA
SetVolumeLabelA
DeleteFileA
Sleep
DeviceIoControl
CreateSemaphoreW
CreateFileMappingW
SetCurrentDirectoryA
CreatePipe
GetStringTypeW
GetModuleHandleA
GetProcessHeap
DeleteFileA
GetShortPathNameA
FatalExit
WriteConsoleA
InterlockedExchange
GetModuleHandleW
CreateEventW
SetEnvironmentVariableA
InitializeCriticalSection
GetACP

mshtml

DllGetClassObject
DllCanUnloadNow
ShowModalDialog
PrintHTML

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrs
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ