JaffaCakes118_9b35b8947738fe040b2d4ae33d8023f3 | Triage

Sharing

General

Target

JaffaCakes118_9b35b8947738fe040b2d4ae33d8023f3
Size

173KB
MD5

9b35b8947738fe040b2d4ae33d8023f3
SHA1

eb464f2c442ce2eae47527d197d4ce7e38cc2a78
SHA256

86b19254910eb5311f174ced2371f215230ef5b85f2b4947d7b9144c5677ba61
SHA512

3fbcaa82f365a7d666f28be1ff0d7c964fc24755fc1e6eded8d49cac0f2b25b0e2a123b6df577b8a3c41de83b9ad903405b05a2a213290fa63f223845d43ab7f
SSDEEP

3072:Z+Mwo0WwWMc7N378pMDnWIeKteaXrbvbXckns/xscwL7fQugx+xbMql+z/edrJLk:Z+RgwW77N3Qp8nQgZ/vbgxscwL7+x+N0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9b35b8947738fe040b2d4ae33d8023f3

Files

JaffaCakes118_9b35b8947738fe040b2d4ae33d8023f3
.exe windows:4 windows x86 arch:x86

17393d31f58c1bd2ea64d94dc0a34795

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
WideCharToMultiByte
SetUnhandledExceptionFilter
LCMapStringA
GetAtomNameA
LoadLibraryExW
FlushFileBuffers
GetEnvironmentStrings
GetCPInfo
GetDiskFreeSpaceA
GetThreadLocale
LCMapStringW
UnhandledExceptionFilter
GetFileAttributesA
SetStdHandle
FreeLibrary
EnumResourceNamesA
GetOEMCP
VirtualProtect
GetFullPathNameA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetEnvironmentStringsW
FindFirstFileA
CreateFileA
WriteFile
SetFilePointer
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHCreateStreamOnFileW
PathIsContentTypeA
PathAppendA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathCreateFromUrlW

Sections

.text
Size: 91KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ