5fb38d96a1d712c35c1020db1649a662_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fb38d96a1d712c35c1020db1649a662_JaffaCakes118
Size

173KB
MD5

5fb38d96a1d712c35c1020db1649a662
SHA1

0655500f36efd15f2777afed6bf7a03c35479419
SHA256

3c82643406eab17fb2d76d9bdf7b979b758800c3a6eae50884a2e126a4cb648f
SHA512

96b1de52349526973687321ebc6790e20d34835d7462f0c6357b20d9fbb176f2c04fc26a3ba7e409849fabeb84f5e93d7a02fb3c276d6f7f463eb36b55f7260a
SSDEEP

3072:xQJ9JdrzZDPvpy0OvY5szvpretkKbNBcYPn5ABYVET4glyd0rYZga5Qdfqq:xQvJdrRAD3zletrRBB/EthlinZga5Qd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb38d96a1d712c35c1020db1649a662_JaffaCakes118

Files

5fb38d96a1d712c35c1020db1649a662_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2be666ad04607c9217112f9c4f596995

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetTimeFormatA
GlobalGetAtomNameW
RtlUnwind
HeapReAlloc
GetConsoleOutputCP
IsValidCodePage
GetCPInfo
TlsAlloc
HeapSize
GetLocaleInfoA
MultiByteToWideChar
TlsGetValue
EnumResourceTypesW
SetUserGeoID
SetStdHandle
GetOEMCP
SetFilePointer
GetACP
WriteConsoleA
TlsSetValue
GetDateFormatA
RaiseException

user32

GetDesktopWindow
DispatchMessageA
CharNextA
LoadStringA
MessageBoxA
DispatchMessageW
PeekMessageA
wsprintfA

shell32

SHGetDataFromIDListW
SHGetFileInfoA
DragAcceptFiles
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ