Static task
static1
Behavioral task
behavioral1
Sample
70b3cc6eb202cddd6e7006eb50656097_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target: 70b3cc6eb202cddd6e7006eb50656097_JaffaCakes118
Size: 188KB
MD5: 70b3cc6eb202cddd6e7006eb50656097
SHA1: 2fa0abd8ce0f297fba83042c236f7ac121867fc4
SHA256: b41d62ee0412146176027ba159f5bee55071c2905f294b4740f3981b1fcb7d88
SHA512: 9391d3621b63aa994f1e2e6354144d9abb69b0eeb6333aea59eafe3443aa295ad73a2216a9598c072ac8e079bdc6aaa681eaaf1896067c36a8d58761d12c7a23
SSDEEP: 3072:aePfg7kq2Nxs+Eyj8XkaOnnPIsyqqsX/Q1j2PrUG/tRy+W5Fqr3G:lgQqrhyj8X4nPIDqqsY1jRG/toni3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 70b3cc6eb202cddd6e7006eb50656097_JaffaCakes118
Files
70b3cc6eb202cddd6e7006eb50656097_JaffaCakes118.exe windows:4 windows x86 arch:x86
f9f2009082698e970961819a4599fb45
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsSetValue
TlsGetValue
GetAtomNameA
TlsAlloc
VirtualAlloc
GetACP
IsValidCodePage
GetTimeFormatA
WriteConsoleA
RtlUnwind
HeapReAlloc
EnumResourceNamesW
SetFilePointer
MultiByteToWideChar
CreateSemaphoreA
SetStdHandle
GetLocaleInfoA
GetOEMCP
GetConsoleOutputCP
HeapSize
GetDateFormatA
GetCPInfo
RaiseException
shell32
SHGetUnreadMailCountW
ShellExecuteExA
DragAcceptFiles
SHGetFileInfoA
SHAppBarMessage
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
rpcrt4
RpcStringFreeA
user32
GetDesktopWindow
MessageBoxA
LoadStringA
DispatchMessageA
PeekMessageA
DispatchMessageW
CharNextA
wsprintfA
Sections
.text Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 90KB - Virtual size: 225KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ