Static task: static1
Behavioral task: behavioral1
Sample: 5b30734c86e13b3ecf4c464f8c1f1a66_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: 5b30734c86e13b3ecf4c464f8c1f1a66_JaffaCakes118
Size: 286KB
MD5: 5b30734c86e13b3ecf4c464f8c1f1a66
SHA1: d6023ba18d36ab1f3a79e722966cb03a7e02ddff
SHA256: 563410ebee67ab9c295168c8d26eff9ea363250c2e8a44066acbe85d14e2ad52
SHA512: e6ec5ffe5e79b63742558a86510d92c5ccc50525c9a6745096e61c0bcd52532ca9d39867c9c83d0ea56765cb5d71cb0def2e5f8da6bee6036186868f6cd250a4
SSDEEP: 6144:OVq+UoZyYg4M4crK5XKOKzOVGPwyOV8N0cSCbdJ2rjm:OV2ajbx6pPwPuN0cbb/oi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5b30734c86e13b3ecf4c464f8c1f1a66_JaffaCakes118
Files
5b30734c86e13b3ecf4c464f8c1f1a66_JaffaCakes118.exe windows:4 windows x86 arch:x86
45e00386f793c750e23f0da2afc57045
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
GetConsoleOutputCP
GlobalGetAtomNameW
GetDateFormatA
MultiByteToWideChar
HeapSize
TlsAlloc
GetACP
GetLocaleInfoA
TlsSetValue
EnumResourceTypesW
SetFilePointer
WriteConsoleA
GetCPInfo
HeapReAlloc
RtlUnwind
SetUserGeoID
VirtualAlloc
GetTimeFormatA
TlsGetValue
SetStdHandle
IsValidCodePage
RaiseException
rpcrt4
RpcStringFreeA
user32
CharNextA
DispatchMessageW
LoadStringA
GetDesktopWindow
PeekMessageA
MessageBoxA
DispatchMessageA
wsprintfA
shell32
SHGetUnreadMailCountW
SHGetFileInfoA
SHBrowseForFolderA
ShellExecuteExA
DragAcceptFiles
SHGetPathFromIDListA
Shell_NotifyIconA
Sections
.text Size: 146KB - Virtual size: 145KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 137KB - Virtual size: 261KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ