JaffaCakes118_779e3ecd18de89e4e14179c5e8edcabd | Triage

Sharing

General

Target

JaffaCakes118_779e3ecd18de89e4e14179c5e8edcabd
Size

121KB
MD5

779e3ecd18de89e4e14179c5e8edcabd
SHA1

359aedfc19776b8f0b8cc71bbb246fe211c096bb
SHA256

e57b6687c3c30b4f948ef5258c0a3599a7814c0d7811df8fd19c86f29ac9d711
SHA512

cc4d7732fe07838e3a44b2ff6465acb00832c5a0ffa8f32a3adef9fe81fd19faa776eed74254ca1ae5623c6946609727161813e0e01bb45350edd309b28ebc9a
SSDEEP

1536:dwH8RioqfLl7tzxwMfWatvxXUG/NyAkYFSvFL/fnPY3DXqsw8TieDHVfAt7:N8BjltzthvvXFqL/I3D5w8+eRW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_779e3ecd18de89e4e14179c5e8edcabd

Files

JaffaCakes118_779e3ecd18de89e4e14179c5e8edcabd
.exe windows:4 windows x86 arch:x86

8703b6093c1448c3e806d294e0a56237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
CreateEventW
CloseHandle
CloseHandle
GetEnvironmentVariableA
CloseHandle
OpenMutexA
lstrcmpW
lstrcmpiW
WaitForMultipleObjects
HeapCreate
GetFileAttributesW
GetConsoleTitleA
GetFullPathNameA
GetDiskFreeSpaceW
GetCurrentDirectoryA
GetVolumePathNameA
CreateDirectoryW
ReleaseSemaphore
GetPrivateProfileSectionW
GetModuleHandleW
GetFullPathNameA
GetModuleHandleA

certmgr

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
DllUnregisterServer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.zdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE