Static task
static1
Behavioral task
behavioral1
Sample
2622a921f960b347afa8d430b19ccae5_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target
2622a921f960b347afa8d430b19ccae5_JaffaCakes118
Size
186KB
MD5
2622a921f960b347afa8d430b19ccae5
SHA1
2977fd6fe08d513a41847cee087b4afa4e72e47c
SHA256
2a8c771b40c4e60cd2f4575718d2c7ce38fdc7a06e0db5364b00f163a095fed8
SHA512
ef74761def1feadb03134f0f1bc4826732877d8bcfd8ff1994ff2499bd0aec1a4cb8b16bff406cb7e2fdef3d3648554e0be9c2808f02e2a26af2be2f836d2348
SSDEEP
3072:kSWtW7eCgN9ZQ9ScTQi1HqkFAioCQS4SfENlGMRTD1t+bemCS3vRxjHlt:KgeCGLQ9/kM9FAV4fyDZAeTwrjl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2622a921f960b347afa8d430b19ccae5_JaffaCakes118
Files
2622a921f960b347afa8d430b19ccae5_JaffaCakes118.exe windows:4 windows x86 arch:x86
986eebdbe0f7fc68403203cca1482440
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoA
MultiByteToWideChar
RtlUnwind
GlobalGetAtomNameA
WriteConsoleA
SetFilePointer
SetStdHandle
VirtualAlloc
GetOEMCP
TlsGetValue
IsValidCodePage
EnumResourceNamesA
GetConsoleOutputCP
GetCPInfo
GetModuleHandleW
GetTimeFormatA
GetDateFormatA
HeapSize
TlsSetValue
GetACP
HeapReAlloc
TlsAlloc
RaiseException
shell32
SHGetFolderLocation
DragAcceptFiles
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 87KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ