JaffaCakes118_64fbca0499344379db2e554eb5142053 | Triage

Sharing

General

Target

JaffaCakes118_64fbca0499344379db2e554eb5142053
Size

175KB
MD5

64fbca0499344379db2e554eb5142053
SHA1

e2cea775ace9da78646cb34ac07d113affc26b65
SHA256

3a12049b5d15e912e420c9543fc0a376f75a7e425acefc9c2adfa129f119ff77
SHA512

c3656df010b4f823155fa0ec61a3c4a6b70c4295f3f29002fa31ef50c57a7954f29ed5ead0a1bc5c99a0e7528c83312289331460061dd735ac09c071ba1090e2
SSDEEP

3072:IijUgC4ajr0X7bh+k+Hc+2WHF+dWokMKWtnnLjXXX2G3eRk6OMW5JdIRNYHuSF:0glajr0ZT+HcIHF+oodBLXXrikzgRSOS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_64fbca0499344379db2e554eb5142053

Files

JaffaCakes118_64fbca0499344379db2e554eb5142053
.exe windows:4 windows x86 arch:x86

f034401d1464ee4db88864260c4550e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GlobalGetAtomNameW
TlsAlloc
GetDateFormatA
IsValidCodePage
HeapSize
TlsSetValue
RtlUnwind
GetLocaleInfoA
SetStdHandle
TlsGetValue
GetCPInfo
EnumResourceNamesA
GetOEMCP
SetFilePointer
VirtualAlloc
MultiByteToWideChar
GetCPInfoExW
GetConsoleOutputCP
GetACP
WriteConsoleA
GetTimeFormatA
RaiseException

shlwapi

SHCreateStreamOnFileA
PathIsContentTypeW
SHCreateStreamOnFileEx
PathIsFileSpecW
PathAppendW
PathCreateFromUrlA

occache

FindControlClose

Sections

.text
Size: 84KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ