JaffaCakes118_9e8caf3bf7ac36b748ed722091c2b164 | Triage

Sharing

General

Target

JaffaCakes118_9e8caf3bf7ac36b748ed722091c2b164
Size

184KB
MD5

9e8caf3bf7ac36b748ed722091c2b164
SHA1

6dfedbdfdd56e223941f48a784c19b3cf04e1356
SHA256

5bc8dfe80776ee3b9a43500a2332ae4c7e19b766e894c36261e2c1fffc694dd3
SHA512

b4a78d04295c625cbb7de25f03277026ae279071047bb873b74cb5e1c6ddf3d42d0fe22bad6a2df0d64cafa38152a37bb3e609a762aaca365ed03aba5008631a
SSDEEP

3072:4M1BRkx/qI9KN1DbpEAZ/yf496Qh+Yb/jzSlJLJkcqiAzz5MnG8lltxPBJ3wRVVp:4M7e5l6lyAAVQjMdKziG0ltZ/+VVFTRF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9e8caf3bf7ac36b748ed722091c2b164

Files

JaffaCakes118_9e8caf3bf7ac36b748ed722091c2b164
.exe windows:4 windows x86 arch:x86

b6afc73c72bb6365f6e5e707589ed673

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
GetEnvironmentStrings
IsBadReadPtr
AddAtomW
LCMapStringA
FreeEnvironmentStringsW
GetCPInfo
SetFilePointer
LCMapStringW
GetOEMCP
FlushFileBuffers
FindFirstFileA
GetFileAttributesA
GetDiskFreeSpaceA
WriteFile
EnumResourceNamesA
SetUnhandledExceptionFilter
GetStringTypeA
VirtualProtect
IsBadCodePtr
GetFullPathNameA
WideCharToMultiByte
GetStringTypeW
GetStringTypeExA
GetEnvironmentStringsW
GetThreadLocale
FreeEnvironmentStringsA
UnhandledExceptionFilter
ReadFile
CreateFileA
MulDiv

shlwapi

SHGetInverseCMAP
PathIsContentTypeA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 91KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ