Static task
static1
General
Target
JaffaCakes118_a61b587768e71858556d4811677e7bac
Size
182KB
MD5
a61b587768e71858556d4811677e7bac
SHA1
a5de27e2fb092ced049a6698e605fbc60e19fc1e
SHA256
58fad80ceebf89e42029a8d0562897d07b39b4ae478f4e152044ba9b6f47c951
SHA512
ce5f4f40b172822f67b8acdcf2737e6565e70c9396bdaa72098509bfe77e85ec988725ed8f7a75281f77118f7cb411e714ce7883dd6954b992dcb246c8d6917c
SSDEEP
3072:H9gB5aM/Mae5A/RDu4HUxWo2CsXGZ484IRwTVp7igrYPaY2uA81sHBRo6Lx5D2V1:dgXaMkLQ0Bps3PXi6YPP2uoBRx5A4KW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_a61b587768e71858556d4811677e7bac
Files
JaffaCakes118_a61b587768e71858556d4811677e7bac.exe windows:4 windows x86 arch:x86
aec24e0f8ab39bff94e32e77be17c97b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
VirtualAlloc
FlushInstructionCache
HeapReAlloc
VirtualFree
TlsAlloc
VirtualQuery
SetLastError
HeapDestroy
HeapCreate
ExitProcess
TerminateProcess
GetCommandLineA
SetLocaleInfoW
GetSystemInfo
RtlUnwind
GetProcAddress
IsBadWritePtr
ExitProcess
VirtualProtect
shlwapi
PathFindExtensionA
rpcrt4
I_RpcFreeBuffer
UuidCreate
ole32
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
user32
GetDialogBaseUnits
ShowWindow
DestroyWindow
UnregisterClassA
SetDlgItemTextA
IsWindow
ReleaseDC
SendMessageA
CheckDlgButton
IsDlgButtonChecked
SetWindowLongA
MoveWindow
GetDlgItem
CreateDialogParamA
GetDC
IsDialogMessageA
EnableWindow
WinHelpA
GetDlgItemTextA
CharNextA
Sections
.text Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ