Static task: static1
Behavioral task: behavioral1
Sample: 4b4f4959cec05f84f657efe31e110305_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 4b4f4959cec05f84f657efe31e110305_JaffaCakes118
Size: 282KB
MD5: 4b4f4959cec05f84f657efe31e110305
SHA1: 75c7830a506d0c5faba7097164b15b151eab09bf
SHA256: 417b036fd81859083d5e374bc1ca8ee7a6accdd75c82d0f6b83f3ff39682f1ae
SHA512: e30efab38eb37ad8192276dec13e6eda126e31e8d5622307e35a910e43be35d38129d51eb0dbd2e492123b331707ad9661f8d27ed6986d92ed81ccc587966c42
SSDEEP: 6144:rkjtzcAZZ09tlBz5cy4DDh5YXAI24o05wc+YtakB2ajReQgnNZ2B:rkaK0bl3yF5eT9+qPHYQUN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4b4f4959cec05f84f657efe31e110305_JaffaCakes118
Files
4b4f4959cec05f84f657efe31e110305_JaffaCakes118.exe windows:4 windows x86 arch:x86
b06e89fce2edcab3d7a30b735af93b20
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
    RtlUnwind
    GetACP
    GlobalGetAtomNameW
    GetConsoleOutputCP
    TlsSetValue
    TlsGetValue
    HeapReAlloc
    SetStdHandle
    SetFilePointer
    TlsAlloc
    GetCPInfo
    GetOEMCP
    EnumResourceTypesW
    GetDateFormatA
    GetTimeFormatA
    WriteConsoleA
    MultiByteToWideChar
    SetUserGeoID
    HeapSize
    IsValidCodePage
    GetLocaleInfoA
    VirtualAlloc
    RaiseException
shell32
    SHGetDataFromIDListW
    SHBrowseForFolderA
    SHGetFileInfoA
    ShellExecuteExA
    DragAcceptFiles
    SHGetPathFromIDListA
    Shell_NotifyIconA
rpcrt4
    RpcStringFreeA
user32
    DispatchMessageA
    MessageBoxA
    CharNextA
    LoadStringA
    GetDesktopWindow
    PeekMessageA
    DispatchMessageW
    wsprintfA
Sections
.text Size: 125KB - Virtual size: 125KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 153KB - Virtual size: 281KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ