JaffaCakes118_1539a5e31e86fd24f7c365a381bd1c08 | Triage

Sharing

General

Target

JaffaCakes118_1539a5e31e86fd24f7c365a381bd1c08
Size

279KB
MD5

1539a5e31e86fd24f7c365a381bd1c08
SHA1

298dcd4ba4112935423ea14cc1db1bddf9a604b3
SHA256

14fc9fd4c76b7cdf28be98a089647f2c8443bb1badf15760eb92ccaf56b5d62a
SHA512

c6ecf329595c16372f3865a4695fe9d6d10e3ef6facdd8cd8bfa0a02673a7ba0a026c42d0eefb1e7f8bc61e306404472cbed2fb81e25e93d437b118d6a3fe7f0
SSDEEP

6144:tdtDcV4n5hja23uKiNQuOINaKjFW10kNPtP/zwdraO0:FAV4n5JnLi5OJKw1ztP/zkr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1539a5e31e86fd24f7c365a381bd1c08

Files

JaffaCakes118_1539a5e31e86fd24f7c365a381bd1c08
.exe windows:4 windows x86 arch:x86

4ade710bd81949aa465239ba11c2e5aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
GetDiskFreeSpaceA
GlobalFindAtomA
GetFileAttributesA
SetFilePointer
VirtualProtect
LCMapStringA
SetStdHandle
GetFullPathNameA
WriteFile
GetThreadLocale
WideCharToMultiByte
GetEnvironmentStringsW
EnumResourceNamesW
LCMapStringW
GetEnvironmentStrings
GetOEMCP
ReadFile
UnhandledExceptionFilter
IsBadCodePtr
GetStringTypeExW
FindFirstFileA
FreeEnvironmentStringsW
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
GetCPInfo
FreeEnvironmentStringsA
GetStringTypeA
GetStringTypeW
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
SHCreateStreamOnFileEx
PathAppendA
PathIsContentTypeA
PathIsFileSpecA
PathCreateFromUrlW

Sections

.text
Size: 142KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ