Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_6cf249e7391115ab5e47419bfd640e7f.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_6cf249e7391115ab5e47419bfd640e7f
Size: 176KB
MD5: 6cf249e7391115ab5e47419bfd640e7f
SHA1: bc57fc7914fc4911c2c78b4bbea1ae4f07c6e296
SHA256: 05961272f57f967605d9ef765d46dd0d583da1e64b36984b7901b1e4d3b85c93
SHA512: 73a9f662f736410e54cd6a6c8566b88fe59dcd6fc0a1f55edf47137499f9fe6f980317a6cc0e926fdbe4430554bf5c244efca9e5b13d2c8368308cb39c7e1ff8
SSDEEP: 3072:I62/a+CB/Og9XEBH0EkHLE7CtVTeJ8Kn6Nyt4ibYnC95OUckrXbd259l7eEhWW:z2i+A/HmHFuw6g8K6Qt46Ln11p2v4Eo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6cf249e7391115ab5e47419bfd640e7f
Files
JaffaCakes118_6cf249e7391115ab5e47419bfd640e7f.exe windows:4 windows x86 arch:x86
ab773d9bd06ed75866bd8685117f25aa
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
SetStdHandle
GlobalGetAtomNameW
TlsGetValue
HeapSize
GetLocaleInfoA
GetOEMCP
VirtualAlloc
GetCPInfo
GetDateFormatA
EnumResourceNamesA
GetTimeFormatA
WriteConsoleA
MultiByteToWideChar
IsValidCodePage
HeapReAlloc
GetConsoleOutputCP
GetCPInfoExW
TlsSetValue
SetFilePointer
TlsAlloc
GetACP
RaiseException
shlwapi
SHCreateStreamOnFileA
PathIsContentTypeW
PathAppendW
PathIsFileSpecW
SHCreateStreamOnFileEx
PathCreateFromUrlA
occache
FindControlClose
Sections
.text Size: 89KB - Virtual size: 477KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 900B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ