JaffaCakes118_a0d0a811e95c1520ae41e3b783b56245 | Triage

Sharing

General

Target

JaffaCakes118_a0d0a811e95c1520ae41e3b783b56245
Size

184KB
MD5

a0d0a811e95c1520ae41e3b783b56245
SHA1

c968c2f2e7bcf8e8b747860b5dd165d76c50c69d
SHA256

1470e4f143dfbdc0c767131f337d42ff623ab460f8c92c27970310fb24d4f408
SHA512

3a0b20e02fcd20fdc34eedbe2c9df701634ef04cffb56d2db4bbad0c895aedf01b40d6821fd7e23fcffed5573a36050bf5ef581eec9736601fe4964d38a6edbd
SSDEEP

3072:SLIsfb/xwle6EZN62KFGmKsssbNO3vKYm7gz3ClPiG9TEijYcK8fYVLKIitoaW/P:SLRdWeb7vqGPssENO/KY58iqnG8YLetU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a0d0a811e95c1520ae41e3b783b56245

Files

JaffaCakes118_a0d0a811e95c1520ae41e3b783b56245
.exe windows:4 windows x86 arch:x86

cca46b65bdc1dfb85c13f3230342be74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileAttributesA
GetEnvironmentStringsW
GlobalFindAtomA
GetCPInfo
UnhandledExceptionFilter
GetThreadLocale
SetStdHandle
IsBadReadPtr
CreateFileA
FlushFileBuffers
IsBadCodePtr
FreeEnvironmentStringsW
LCMapStringW
GetStringTypeW
GetStringTypeA
FindFirstFileA
EnumResourceNamesW
GetEnvironmentStrings
GetOEMCP
WriteFile
GetFullPathNameA
WideCharToMultiByte
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
LCMapStringA
GetStringTypeExA
SetFilePointer
ReadFile
GetDiskFreeSpaceA
VirtualProtect
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathIsContentTypeA
PathIsFileSpecA
PathAppendA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 92KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ