61845ecc0c8b04ffaf237c511e436c7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61845ecc0c8b04ffaf237c511e436c7a_JaffaCakes118
Size

180KB
MD5

61845ecc0c8b04ffaf237c511e436c7a
SHA1

899f5dba5ad75821b087f7a3d12a385c6770e38e
SHA256

002abd8ec5b74c9f6bc3c2a8daee01894107b855696bb4420a091cfbbdb016c6
SHA512

1594463eb3f31cb4276fd6f07b5e5c3314ca5e7748ef2a0c421051844e2300cbac522fd11f4879dd5016daae0f812c20b1cef162cd594265d49579d45c8f92c6
SSDEEP

3072:vnuMifNiaZCNtTJzqfF1COuk60vH+Do+/ie6ezoBc51ZXHobIc:mMifNjg32fOOuk6IjXeOc5LE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61845ecc0c8b04ffaf237c511e436c7a_JaffaCakes118

Files

61845ecc0c8b04ffaf237c511e436c7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6c80c489819e114c5a3a5930dff037a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
RtlUnwind
IsValidCodePage
GlobalGetAtomNameW
GetDateFormatA
GetCPInfo
HeapReAlloc
HeapSize
GetConsoleOutputCP
SetFilePointer
TlsAlloc
TlsSetValue
EnumResourceTypesA
GetOEMCP
GetLocaleInfoA
SetThreadExecutionState
GetACP
VirtualAlloc
GetTimeFormatA
SetStdHandle
WriteConsoleA
MultiByteToWideChar
RaiseException

rpcrt4

RpcStringFreeA

shell32

SHGetDataFromIDListW
ShellExecuteExA
SHGetPathFromIDListA
DragAcceptFiles
SHBrowseForFolderA
SHGetFileInfoA
Shell_NotifyIconA

user32

LoadStringA
DispatchMessageA
MessageBoxA
CharNextA
PeekMessageA
GetDesktopWindow
DispatchMessageW
wsprintfA

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ