JaffaCakes118_6cda8b56c8cdb26667912f50a234258f | Triage

Sharing

General

Target

JaffaCakes118_6cda8b56c8cdb26667912f50a234258f
Size

179KB
MD5

6cda8b56c8cdb26667912f50a234258f
SHA1

a46a2d98553482ef729be3cfbfc4366241304e3e
SHA256

711546c4a73e555d03231da10dc51251b561de9cf393facca4b3eac262b466f7
SHA512

8c3e7e417edab76045406772ecf5bc9a4c7be37bb3765cb41a4be5e9d1e7a073dd2c1e3aaa15e481b400488ec50904deb5b8eb810ae1f23fd13c34e2317c971b
SSDEEP

3072:k0FXNJPY9XjMnklHpMNDWsia4P9Vz8Aji8zVg5zGFcti19D/WcWKEmzr9c:k0lPwNjMnklmWNa4f8AjiKS5qF4i19jK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6cda8b56c8cdb26667912f50a234258f

Files

JaffaCakes118_6cda8b56c8cdb26667912f50a234258f
.exe windows:4 windows x86 arch:x86

8573f89d78b0407836ca8d71434dc46b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

shlwapi

PathFindExtensionA

kernel32

RtlUnwind
ExitProcess
FlushInstructionCache
VirtualAlloc
GetProcAddress
VirtualQuery
TlsAlloc
HeapReAlloc
ExitProcess
VirtualFree
GetSystemInfo
GetCommandLineA
SetLocaleInfoW
HeapCreate
SetUnhandledExceptionFilter
SetLastError
HeapDestroy
TerminateProcess
IsBadWritePtr
VirtualProtect

ole32

CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc

user32

MoveWindow
GetDlgItemTextA
ReleaseDC
SetDlgItemTextA
EnableWindow
CheckDlgButton
WinHelpA
GetDialogBaseUnits
DestroyWindow
IsDialogMessageA
SendMessageA
IsWindow
ShowWindow
GetDC
SetWindowLongA
UnregisterClassA
GetDlgItem
CreateDialogParamA
IsDlgButtonChecked
CharNextA

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ