Static task
static1
Behavioral task
behavioral1
Sample
103969adfdbd2eab47535981cec6636f_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target: 103969adfdbd2eab47535981cec6636f_JaffaCakes118
Size: 273KB
MD5: 103969adfdbd2eab47535981cec6636f
SHA1: 35236c66149a580a64c051fdb37626f891f72e7b
SHA256: 4a31901feb4828ab1d5e99b5c6dccf9a547abc75ed244c4e1de4d42bef00dfbb
SHA512: 7d1d4e03f29ad494fde1f6eb3817e0ca6fb8429d4daf8839de8897b557951c4fe027e9bc23a3a32e87bff90280c1015e910db9d73aaf190d62c48763a50556ab
SSDEEP: 6144:GW8RGXHdb5K+QhEd3+NLmximO92D93aqnKpQ1i5cg1:GxRkdb5K+mEBAQ1iT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 103969adfdbd2eab47535981cec6636f_JaffaCakes118
Files
103969adfdbd2eab47535981cec6636f_JaffaCakes118.exe windows:4 windows x86 arch:x86
09527746dfaf39244d0fe7ab533409ec
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
GetDateFormatA
GetACP
TlsAlloc
GetLocaleInfoA
RtlUnwind
VirtualAlloc
GetConsoleOutputCP
TlsGetValue
MultiByteToWideChar
SetStdHandle
EnumResourceTypesA
HeapSize
GetCPInfo
HeapReAlloc
TlsSetValue
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP
GetTimeFormatA
SetFilePointer
WriteConsoleA
RaiseException
rpcrt4
RpcStringFreeA
shell32
SHDefExtractIconA
ShellExecuteExA
DragAcceptFiles
SHBrowseForFolderA
SHGetFileInfoA
SHGetPathFromIDListA
Shell_NotifyIconA
Sections
.text Size: 138KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ