JaffaCakes118_e8b8779e98d1629f8eb38d165d5f4078 | Triage

Sharing

General

Target

JaffaCakes118_e8b8779e98d1629f8eb38d165d5f4078
Size

279KB
MD5

e8b8779e98d1629f8eb38d165d5f4078
SHA1

6d097356c5d9d0ed1556cc9f126684672f050f03
SHA256

1d8e3772452790682ab068a9746789df58c54ba0993935aad872c2cd586748dc
SHA512

76687ab0562ae4a2e16fa1567096230701c4584c7b5b8b7afec31b087dfa32a1fb29043e86b46705123c1bad88558b6bed6867c675c8b822fd16198d3daa6d7f
SSDEEP

6144:fleC8oxFmaBZCmINkQNb9xnD0iQUIrAOYTQ7T5/YcnA93Y7H5KH/Z92:f98ox3n5HQNTD08SAKMoH5KHR92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e8b8779e98d1629f8eb38d165d5f4078

Files

JaffaCakes118_e8b8779e98d1629f8eb38d165d5f4078
.exe windows:4 windows x86 arch:x86

8fcf4de243127f80c820ac85231f33fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
IsBadReadPtr
AddAtomW
GetEnvironmentStrings
GetThreadLocale
VirtualProtect
GetOEMCP
WideCharToMultiByte
GetEnvironmentStringsW
LCMapStringA
GetFileAttributesA
IsBadCodePtr
SetUnhandledExceptionFilter
EnumResourceNamesA
GetStringTypeA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FindFirstFileA
CreateFileA
SetFilePointer
WriteFile
GetFullPathNameA
GetDiskFreeSpaceA
GetStringTypeExA
ReadFile
GetCPInfo
GetStringTypeW
LCMapStringW
FlushFileBuffers
UnhandledExceptionFilter
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathIsFileSpecA
PathIsContentTypeA
PathAppendA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 139KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ