4b989853f7beada4dfd256b291cc1e91_JaffaCakes118 | Triage

Sharing

General

Target

4b989853f7beada4dfd256b291cc1e91_JaffaCakes118
Size

171KB
MD5

4b989853f7beada4dfd256b291cc1e91
SHA1

83e9d9882f08d89f8fc27eb85e83106b604454ba
SHA256

a4746ef8fc8e01917812d7cdac113f3e7f019552e377c5deaf4ff6e67c07a03a
SHA512

d11147350f3c922eaeba9acc24e2c86a18f2fe444618d392f68121f59e0db60b343b49d6edc329d8ea2910d8d837e239ee71c245f9cdbebb6793ec3de10cd11a
SSDEEP

3072:YUftOL184ayOtCJPBwYPkNYzrOI9QFTe/28kinNJwfcmtKzEIt4e/r3fTy3OJjRl:/ftOLm4AtC/w24YrOSQVrniycmtKAw4S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b989853f7beada4dfd256b291cc1e91_JaffaCakes118

Files

4b989853f7beada4dfd256b291cc1e91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8dd028f40bb18a7af7aaa7a9b00897c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
HeapReAlloc
MultiByteToWideChar
GetOEMCP
SetFilePointer
GetCPInfo
GetTimeFormatA
VirtualAlloc
GetDateFormatA
GetConsoleOutputCP
EnumResourceNamesA
TlsSetValue
TlsGetValue
GetLocaleInfoA
TlsAlloc
IsValidCodePage
CreateDirectoryExA
RtlUnwind
WriteConsoleA
GetACP
HeapSize
SetStdHandle
RaiseException

user32

MessageBoxA
DispatchMessageW
GetDesktopWindow
LoadStringA
CharNextA
PeekMessageA
DispatchMessageA
wsprintfA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHAppBarMessage
SHGetMalloc
ShellExecuteExA
SHGetFileInfoA
DragAcceptFiles
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 84KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ