64512d67804969f69ee779cc1c593d1b_JaffaCakes118 | Triage

Sharing

General

Target

64512d67804969f69ee779cc1c593d1b_JaffaCakes118
Size

164KB
MD5

64512d67804969f69ee779cc1c593d1b
SHA1

6ccf691de78fc47dfe09ead8022c14f393f92e16
SHA256

4b740923c876de96fe602bfac8f82c1eb20dea4f67606d2541aab54a797d34f2
SHA512

9596ada94d6a0c59386f44fcfb4f1be272e572a2f75b5c17552d995e360b4ca9f6e0d73d1071962ea0df77d391ee5d9b5ce8990618d59430bb29df01f2250aea
SSDEEP

3072:/mKFB5pMTaO0etKI1rCSo+QDYr994NXyTMR0hwcsItHXD1NU0brU+:/mKFgvKI5Tj9+XiMWwcNt35NrfU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64512d67804969f69ee779cc1c593d1b_JaffaCakes118

Files

64512d67804969f69ee779cc1c593d1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8eaa8bbf7ae5ee37f1703930c15c8189

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
RtlUnwind
GetDateFormatA
GetACP
MultiByteToWideChar
IsValidCodePage
GetConsoleOutputCP
GetLocaleInfoA
HeapReAlloc
GetOEMCP
EnumResourceTypesW
TlsSetValue
WriteConsoleA
VirtualAlloc
TlsGetValue
SetThreadLocale
SetStdHandle
GetTimeFormatA
SetFilePointer
HeapSize
GetCPInfo
TlsAlloc
RaiseException

rpcrt4

RpcStringFreeA

user32

CharNextA
DispatchMessageW
MessageBoxA
PeekMessageA
DispatchMessageA
GetDesktopWindow
LoadStringA
wsprintfA

shell32

SHGetDataFromIDListW
SHGetFileInfoA
ShellExecuteExA
SHGetPathFromIDListA
DragAcceptFiles
SHBrowseForFolderA
Shell_NotifyIconA

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ