JaffaCakes118_f67d30457471cb12e9987ac7dec352c9 | Triage

Sharing

General

Target

JaffaCakes118_f67d30457471cb12e9987ac7dec352c9
Size

247KB
MD5

f67d30457471cb12e9987ac7dec352c9
SHA1

4cc50e49534fbfcf2de518a8ad33d09b62df9db2
SHA256

13c306a2d3679d53748903290c7a9b036c8679923a40644e764891bdb2d0b004
SHA512

75bdf193755a5b6fc2a3dfabf9cd2e669ecf05569833d683d42978849e717159ce4fb92e804591d163d101c8e00ad4514edf651d8fc78259f506be03662dfffb
SSDEEP

6144:qz1iwrVC8TsYk0lEAMCq3BY5qb3UI8bJXCPL:qPJ/TsF0aAuiU3AYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_f67d30457471cb12e9987ac7dec352c9

Files

JaffaCakes118_f67d30457471cb12e9987ac7dec352c9
.exe windows:4 windows x86 arch:x86

b164aff9d4f5a03adc22acf8e07719b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
FreeLibrary
GetLastError
Sleep
GetVersionExA
GetModuleHandleA
GetProcAddress
LoadLibraryA

inseng

DownloadFile
CheckTrustEx

kbdbu

KbdLayerDescriptor

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 5KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icode
Size: 94KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 120KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ