JaffaCakes118_8ac81173118d243b7fb270429545348c | Triage

Sharing

General

Target

JaffaCakes118_8ac81173118d243b7fb270429545348c
Size

189KB
MD5

8ac81173118d243b7fb270429545348c
SHA1

2a26665a81b271763ea9b23b8f04ab58d15df80b
SHA256

18f114603640083121c1f148744e27c0d0c0af9cd25146a2b56c097df80a4998
SHA512

fa1f445dac04fe349fe4fee72c99a05b7450a8e8e864f1811534ab9a40a48d8fb7a90542d8ea2cce394917ba76e8daf7fb88f543512ff1ecee2fd6b028ddd02f
SSDEEP

3072:+PuigBQ8TTwN0vQGzaKRK0hAgEgmcUSkYY2ywzO/ewgUb3pARVWP:+PVgTTTLvQuh8CzTLymOG6ybe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8ac81173118d243b7fb270429545348c

Files

JaffaCakes118_8ac81173118d243b7fb270429545348c
.exe windows:4 windows x86 arch:x86

28e3e34388ccb523bdc8e6bbcae88c56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
HeapSize
FreeLibrary
VirtualAlloc
GetAtomNameA
EnterCriticalSection
IsValidCodePage
SetStdHandle
GetLocaleInfoA
TerminateProcess
GetACP
GetConsoleOutputCP
GetTimeFormatA
GetCurrentProcess
SetUnhandledExceptionFilter
InitializeCriticalSection
GetOEMCP
GetSystemTimeAsFileTime
HeapReAlloc
EnumResourceNamesA
GetCPInfo
MultiByteToWideChar
GetStringTypeW
UnhandledExceptionFilter
GetCurrentProcessId
GetDateFormatA
IsDebuggerPresent
WriteConsoleA
LeaveCriticalSection
RtlUnwind
WriteFile
SetFilePointer
RaiseException

shlwapi

SHCreateStreamOnFileW
SHCreateStreamOnFileEx
PathIsFileSpecA
PathIsContentTypeA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 102KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ