JaffaCakes118_b988d6975230394f5f615aee46d214c3 | Triage

Sharing

General

Target

JaffaCakes118_b988d6975230394f5f615aee46d214c3
Size

286KB
MD5

b988d6975230394f5f615aee46d214c3
SHA1

572c0364bec0440b6f71ef188fd5031b7b84fcb5
SHA256

2723e872db2fb6029f0ebe3ace179c81e2f0bea3d308b2ccf5f36e05a268156c
SHA512

c4c77e4b495d929e58f584b189737b701e369fa34e8abd2dcc25f64d931cd84c761596819c84c91c07374429014d737cd64573caf0bff678b34c8af440258a6e
SSDEEP

6144:USg71Q2N/XQiFDpqcElFvVz+cXsPA6WGCQqVLiPkR+wWq0zf:USr2FgOqcKFNz1KdCQOLiPfq0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b988d6975230394f5f615aee46d214c3

Files

JaffaCakes118_b988d6975230394f5f615aee46d214c3
.exe windows:4 windows x86 arch:x86

683b2d77bf83ac046692e1cca0c86040

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
SetFilePointer
GlobalGetAtomNameA
GetConsoleOutputCP
MultiByteToWideChar
InitializeCriticalSection
GetCurrentProcess
EnterCriticalSection
FreeLibrary
IsDebuggerPresent
IsValidCodePage
GetLocaleInfoA
GetTimeFormatA
UnhandledExceptionFilter
EnumResourceNamesW
WriteConsoleA
GetCPInfo
LeaveCriticalSection
SetUnhandledExceptionFilter
WriteFile
GetStringTypeA
SetStdHandle
HeapReAlloc
GetCurrentProcessId
VirtualAlloc
GetDateFormatA
LoadLibraryA
GetOEMCP
HeapSize
RtlUnwind
GetACP
TerminateProcess
RaiseException

rpcrt4

RpcStringFreeA

shlwapi

SHCreateStreamOnFileW
PathIsContentTypeA
PathAppendA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 139KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ