Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_acd48f9e8580371de9bd5c4f766abcd6.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_acd48f9e8580371de9bd5c4f766abcd6
Size
194KB
MD5
acd48f9e8580371de9bd5c4f766abcd6
SHA1
f7fe934fc644c7d7476bbde7aed3589ac1d36e63
SHA256
1cf16901d4b1c5771c9106bb40ff5363fac71e04bf953b6dbd318c99549f763b
SHA512
d4f741c6ca217da107a23c10dcfb7dee3af592f255dba55ae800018682e64fcde7cdf1376f45963f7d7de7b4db4db26ca54e309d64f00c3756624cd7e41e6059
SSDEEP
6144:Twz8li9ir/ur/qodUb2YY0aSYK+QG3GZx/v:TSUrmrCodunYON+QOGTv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_acd48f9e8580371de9bd5c4f766abcd6
Files
JaffaCakes118_acd48f9e8580371de9bd5c4f766abcd6.exe windows:4 windows x86 arch:x86
97b9ac52731b69592156f704bbeada63
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AddAtomW
WriteFile
SetFilePointer
IsBadReadPtr
GetStringTypeW
FindFirstFileA
FreeEnvironmentStringsA
GetStringTypeA
SetUnhandledExceptionFilter
GetOEMCP
SetStdHandle
FreeEnvironmentStringsW
ReadFile
GetCPInfo
EnumResourceNamesA
LCMapStringA
GetThreadLocale
LCMapStringW
GetFullPathNameA
WideCharToMultiByte
GetDiskFreeSpaceA
GetEnvironmentStringsW
GetStringTypeExA
GetEnvironmentStrings
VirtualProtect
GetFileAttributesA
IsBadCodePtr
FlushFileBuffers
CreateFileA
UnhandledExceptionFilter
MulDiv
rpcrt4
RpcStringFreeA
shlwapi
SHGetInverseCMAP
PathIsFileSpecA
PathAppendA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathCreateFromUrlW
Sections
.text Size: 100KB - Virtual size: 520KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ