JaffaCakes118_239f33e09d260e64b5ce4d507443865b | Triage

Sharing

General

Target

JaffaCakes118_239f33e09d260e64b5ce4d507443865b
Size

106KB
MD5

239f33e09d260e64b5ce4d507443865b
SHA1

82159f66f00f81672b399f7ea04ec0222dc7e558
SHA256

8f4c5549b17ecdb28f8e23f5489eeb174d91b1acd1faafae077b6ce048a33325
SHA512

0562eb7f3ab9095672d41c09c4dc3ec41cec8d40904a7ad91e4c15ca669de495d8d3a301c414adc62ca815a3af832eba770017c9749c1bcaa75a3f3f2dc712f6
SSDEEP

3072:IdXDWepDLP238m3cDHb2D5lo4HLl3q/VZj:gyC/2MDDb29l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_239f33e09d260e64b5ce4d507443865b

Files

JaffaCakes118_239f33e09d260e64b5ce4d507443865b
.exe windows:4 windows x86 arch:x86

91456bfc3747d5e6eb2abdae8c8c14dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
DeleteAtom
FindVolumeClose
ReleaseMutex
HeapSize
IsBadReadPtr
CreateFileA
GetCurrentDirectoryA
WaitForSingleObject
GetVersion
GetModuleHandleA
CloseHandle
DeleteFileA
FindVolumeClose
EnterCriticalSection
GetFileSize
SetEndOfFile
FindAtomW
GetStdHandle
VirtualAlloc
SetFileAttributesA
GetExitCodeThread
GetCommandLineA
ExitProcess
GetEnvironmentVariableA

shell32

DragFinish
SHFree
ShellMessageBoxA
DllUnregisterServer
DragQueryFileA
SHGetMalloc
DragAcceptFiles
SHGetSettings
StrChrA
ShellAboutA
SHFree
ExtractIconA
DuplicateIcon

snmpapi

SnmpTfxClose
SnmpTfxClose
SnmpTfxClose
SnmpTfxClose

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ