JaffaCakes118_165161f86208c9040d43fb7f5294adb4 | Triage

Sharing

General

Target

JaffaCakes118_165161f86208c9040d43fb7f5294adb4
Size

278KB
MD5

165161f86208c9040d43fb7f5294adb4
SHA1

dac7b2a1b1d4c8e100c9fb0c367f1482e946660f
SHA256

299e0954745d721b66786520eece109fc62758c88fbcf93e1930689aaab08e7b
SHA512

e7f0d556224608e05f3480160741606f9b62c0c79440063fe6e083c877a97e05667aadf76c5a552f188ad23abc4a5995007cc9586056e30349e819bbb5e9212b
SSDEEP

6144:D9BX6i427gndtH+LG+vdsHm/MGBspRpBrIb+mtOtImm0QGb65Fa:Dj6i4Xn+SYtWj5tld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_165161f86208c9040d43fb7f5294adb4

Files

JaffaCakes118_165161f86208c9040d43fb7f5294adb4
.exe windows:4 windows x86 arch:x86

b1b4641a63f477c190887ae879e14adf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualProtect
SetFilePointer
IsBadReadPtr
GlobalFindAtomA
UnhandledExceptionFilter
GetFullPathNameA
FlushFileBuffers
GetEnvironmentStringsW
GetStringTypeW
GetFileAttributesA
FindFirstFileA
GetThreadLocale
LCMapStringA
IsBadCodePtr
FreeEnvironmentStringsW
GetEnvironmentStrings
EnumResourceNamesW
GetStringTypeA
WriteFile
WideCharToMultiByte
GetStringTypeExA
GetCPInfo
LCMapStringW
CreateFileA
SetStdHandle
FreeEnvironmentStringsA
GetOEMCP
SetUnhandledExceptionFilter
ReadFile
GetDiskFreeSpaceA
MulDiv

shlwapi

SHGetInverseCMAP
PathIsContentTypeA
PathAppendA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 134KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ