JaffaCakes118_9b70070f4fa4c61e59af39f8242c6f57 | Triage

Sharing

General

Target

JaffaCakes118_9b70070f4fa4c61e59af39f8242c6f57
Size

279KB
MD5

9b70070f4fa4c61e59af39f8242c6f57
SHA1

00da630f90393c5d36d43f23d22c6f802b29feb9
SHA256

129dc8decdbb04d7d93a5e05c13b964339b36768cc5177dcecbaea6c88ebc9ea
SHA512

b11d697c71bc8a47b2e474adc1c37aae951c4e18bd5b9f6783e6d013d6fd9c0402e0c9a4e854bfcf975a8f5506eb249f1ae8461f89ccfb10619194ac2c697b9c
SSDEEP

6144:Rtf8AfuyPWgPX5p7jVvZYRjvi6vxOkcY400wXQOTytTP:XJtWgfPjVviRLio2U0EbTyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9b70070f4fa4c61e59af39f8242c6f57

Files

JaffaCakes118_9b70070f4fa4c61e59af39f8242c6f57
.exe windows:4 windows x86 arch:x86

1614e07b755e3fe4928f470961117c4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetOEMCP
UnhandledExceptionFilter
GlobalFindAtomA
FlushFileBuffers
IsBadCodePtr
WriteFile
FreeEnvironmentStringsW
LCMapStringA
GetFileAttributesA
FindFirstFileA
CreateFileA
WideCharToMultiByte
GetEnvironmentStringsW
EnumResourceNamesW
GetStringTypeW
GetFullPathNameA
GetEnvironmentStrings
ReadFile
GetCPInfo
SetFilePointer
GetThreadLocale
FreeEnvironmentStringsA
GetStringTypeA
GetStringTypeExA
VirtualProtect
SetUnhandledExceptionFilter
LCMapStringW
GetDiskFreeSpaceA
IsBadReadPtr
SetStdHandle
MulDiv

shlwapi

SHGetInverseCMAP
PathIsFileSpecA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 139KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ