232ca80ae8353d74b43f396a1933d0d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

232ca80ae8353d74b43f396a1933d0d2_JaffaCakes118
Size

172KB
MD5

232ca80ae8353d74b43f396a1933d0d2
SHA1

31977294da630f0f00355d0a0a612385c99f7045
SHA256

3b7c3baaf756018052e0ec320b5b252599e7f4705d57033af4eed5d419ff95ff
SHA512

9d14793a2be2a77daded397e476c9d5241e59010817b35e70a6860dd61cae7c37dd5af1da0e10b4081661843f6b0101bb41a89134a251b787f7054e443e0ecb9
SSDEEP

3072:rDfO+gbQ96iOXZwLZhNDfP9cLdqMwfjCevAEgo53UIxX:rDfhgbQcdwVh9PaPwmevgsp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
232ca80ae8353d74b43f396a1933d0d2_JaffaCakes118

Files

232ca80ae8353d74b43f396a1933d0d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9557755f65b85bcfc0ed2ca49fb3e79b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
MultiByteToWideChar
GlobalGetAtomNameW
SetStdHandle
GetLocaleInfoA
RtlUnwind
GetACP
GetDateFormatA
GetOEMCP
HeapReAlloc
WriteConsoleA
TlsGetValue
IsValidCodePage
EnumResourceTypesW
GetConsoleOutputCP
SetUserGeoID
GetCPInfo
VirtualAlloc
SetFilePointer
HeapSize
GetTimeFormatA
TlsAlloc
RaiseException

shell32

SHGetUnreadMailCountW
SHGetPathFromIDListA
SHGetFileInfoA
SHBrowseForFolderA
ShellExecuteExA
DragAcceptFiles
Shell_NotifyIconA

user32

LoadStringA
PeekMessageA
DispatchMessageA
CharNextA
DispatchMessageW
GetDesktopWindow
MessageBoxA
wsprintfA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ