Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_75e206cec8611fd0d9bdb83cbf2bfe3b.exe
Resource
win7-20241023-en
General
Target
JaffaCakes118_75e206cec8611fd0d9bdb83cbf2bfe3b
Size
180KB
MD5
75e206cec8611fd0d9bdb83cbf2bfe3b
SHA1
721952b7103c7d3f313a62614baa243f973548b0
SHA256
78726bfb351e4abdf70f394a9762947ee88259b70b484992ddfc7cf7ebff3bce
SHA512
34eee194e2c7e438e3170ba8517d8bea4c2ab23a5a6c17b64be695f41a42de761c7da2013adccbbd7ad3aec2018d68736d69fea9aed56d48c6335f49381f3bc1
SSDEEP
3072:TFO5ZdBY21g0/KslU8d3elH3FXXlYOd/SiRHwY8Ta50YihQWggcGF:TFcZs90CYUMclYCBRHwY8+GfSi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_75e206cec8611fd0d9bdb83cbf2bfe3b
Files
JaffaCakes118_75e206cec8611fd0d9bdb83cbf2bfe3b.exe windows:4 windows x86 arch:x86
3269374129124e3c5b6455d7b4d897f4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualQuery
HeapFree
QueryPerformanceCounter
VirtualFree
GetCurrentProcessId
HeapReAlloc
IsBadWritePtr
TlsAlloc
HeapCreate
EnumSystemLanguageGroupsW
SetLastError
VirtualAlloc
GetWriteWatch
HeapAlloc
GetSystemTimeAsFileTime
HeapDestroy
TlsFree
winmm
mciSendCommandA
shell32
SHChangeNotify
SHGetMalloc
SHGetPathFromIDListW
shlwapi
PathAddBackslashW
user32
DestroyIcon
GetWindow
GetDlgItem
LoadImageA
SetWindowTextA
CreateWindowExA
LoadStringA
GetParent
oleacc
CreateStdAccessibleObject
CreateStdAccessibleProxyA
Sections
.text Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ