JaffaCakes118_676711b1025c7ef0f9cc0fd83defb6f0 | Triage

Sharing

General

Target

JaffaCakes118_676711b1025c7ef0f9cc0fd83defb6f0
Size

115KB
MD5

676711b1025c7ef0f9cc0fd83defb6f0
SHA1

fdf14db965b698e452bb1bf07c8448ae28d647f6
SHA256

eddb60bc27771a58127ab433564ff45d42e47f03d1ebce60dcb08e0646635f3e
SHA512

8985c025a4f251553fdb3da87729d3b3ab55731cb450301836e7411f7b2f11d2ea5a5ae28263451b95b7e069a8faa18a6a31760e06e2bba570657f9b89c3cc51
SSDEEP

3072:OGR6pAMei3QDFDxboP9Q/CdJlYnqtDa/H17g:OGspAwIFFW9JdPAZF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_676711b1025c7ef0f9cc0fd83defb6f0

Files

JaffaCakes118_676711b1025c7ef0f9cc0fd83defb6f0
.exe windows:4 windows x86 arch:x86

248d78d63e0af5c8b009f1540e18da89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpyW
DisconnectNamedPipe
HeapCreate
WriteConsoleW
ReleaseMutex
WriteConsoleW
CopyFileW
IsValidLocale
CreatePipe
GetLastError
lstrlenW
IsBadStringPtrA
GetCurrentDirectoryA
GetFileSize
CloseHandle
IsBadCodePtr
WriteConsoleW
GetStartupInfoA
GetFileAttributesA
GetModuleHandleA
SetPriorityClass

msftedit

SetCustomTextOutHandlerEx
RichEditWndProc
RichListBoxWndProc
RichComboBoxWndProc

shell32

ExtractIconA
SHGetSettings
StrChrA
DragQueryFileA
SHGetMalloc
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceA
DragAcceptFiles
ShellMessageBoxA
ShellAboutA
ShellMessageBoxA
DuplicateIcon
SHGetMalloc

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ