Static task: static1
Behavioral task: behavioral1
Sample: 5dcdf00bc086e3427c5c96a4f0d925a5_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5dcdf00bc086e3427c5c96a4f0d925a5_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5dcdf00bc086e3427c5c96a4f0d925a5_JaffaCakes118
Size: 187KB
MD5: 5dcdf00bc086e3427c5c96a4f0d925a5
SHA1: a4b4b65f45d0a48b9ae4bcda94dbb00fd9b383c4
SHA256: 540675856d920b982aba937c77dedc3a13218067a7b33b88e3040b5b87167ec0
SHA512: 1043eb76a58405a12cc267a0d6b4e8fb35d547b2147fa1e58c3ca822975692fcc8e279e29c4460013499f065184b487384afae7bcfe7007aef9fca5fef19d087
SSDEEP: 3072:eVFjuxmGH/3rnH7wFFpeyn5paMRv150Bl+f5S3wPVxgBPeCX+KovJu72WN:mFjuw+D7wF7tRWlFAj+P3X+KovR4
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5dcdf00bc086e3427c5c96a4f0d925a5_JaffaCakes118
Files
5dcdf00bc086e3427c5c96a4f0d925a5_JaffaCakes118.exe windows:4 windows x86 arch:x86
7b7ecaf2dcd4f33756327a666a9f6891
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeFormatA
VirtualAlloc
HeapReAlloc
GlobalGetAtomNameW
MultiByteToWideChar
SetFilePointer
TlsSetValue
RtlUnwind
GetACP
TlsAlloc
TlsGetValue
SetStdHandle
EnumResourceNamesA
GetCPInfo
IsValidCodePage
GetDateFormatA
GetOEMCP
GetModuleHandleA
WriteConsoleA
HeapSize
GetLocaleInfoA
GetConsoleOutputCP
RaiseException
occache
FindControlClose
shell32
SHCreateStdEnumFmtEtc
DragAcceptFiles
SHGetDesktopFolder
ShellExecuteExW
SHGetFileInfoW
SHBrowseForFolderW
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetPathFromIDListW
Shell_NotifyIconW
Sections
.text Size: 91KB - Virtual size: 231KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ