JaffaCakes118_590f828a07a7e2829ee7f121eb394b22 | Triage

Sharing

General

Target

JaffaCakes118_590f828a07a7e2829ee7f121eb394b22
Size

288KB
MD5

590f828a07a7e2829ee7f121eb394b22
SHA1

17f5fb33294284aed8b06428a4a5f61ac88c2e24
SHA256

22e4f6f51dfa32787c6a98331d4d3882781d142b49d8229a001524c670fb9e85
SHA512

06e2b67e405664384c3a0eb8496351538122dbb3b770090f48a3c4520e71b13c9f09ee151a7c6b06c6a64d80c675a85147df7ea1ad4ac36febe955f5cfd5f6ff
SSDEEP

6144:a/zjYBt5WOObFBgaIkB48Om8vNCka+PTa1P5nug3e0p:x+PBgGlMvNV/PYxugLp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_590f828a07a7e2829ee7f121eb394b22

Files

JaffaCakes118_590f828a07a7e2829ee7f121eb394b22
.exe windows:4 windows x86 arch:x86

38af3b44853a3f2f7e2b44ca86acd737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

LocalAlloc
SetEnvironmentVariableW
LocalFree
GlobalFindAtomA
SetLastError
ExitProcess
GetFileInformationByHandle
OutputDebugStringW
GetCurrentThreadId
SearchPathW
GetModuleHandleA
VirtualQuery
lstrlenW
VirtualProtect
EnumResourceLanguagesW
OutputDebugStringA
CreateDirectoryW
MultiByteToWideChar
GetCurrentDirectoryW
GetPrivateProfileStructA
WideCharToMultiByte
GetCurrentProcess
DuplicateHandle
lstrcmpiW
GetModuleFileNameW
GetFileAttributesW
InterlockedExchange

shlwapi

StrRetToBSTR
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathIsContentTypeA
PathCreateFromUrlW

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 150KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ