Static task: static1
Behavioral task: behavioral1
Sample: 95ce1b832122b230f6853b7dbe04b4bf_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 95ce1b832122b230f6853b7dbe04b4bf_JaffaCakes118
Size: 179KB
MD5: 95ce1b832122b230f6853b7dbe04b4bf
SHA1: 9a715640a20dc4cefe667422a95feb06bf0fbdf8
SHA256: 4ae70a24ddfafcd2981da951eb0def38a5b9b5aceb04ba467ee8adf0fca35091
SHA512: a1020361966b2d63acb6cf442e7da7eb1ce36c65ab7bcdcb3cdf8f867b3648281d63e9b93c596ecf62b2c22579232ad10ef599c6b76906c8a7a8e91643f69f15
SSDEEP: 3072:JpMly0fUZyWSlhnjhcQgGZLP0WeWZYCBZAFFWMI4UHBaBFphsYWuVzXq:JGU0AQgqD0WrZYCYF1IXotbWu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 95ce1b832122b230f6853b7dbe04b4bf_JaffaCakes118
Files
95ce1b832122b230f6853b7dbe04b4bf_JaffaCakes118.exe windows:4 windows x86 arch:x86
11d7e0489f4b5edca09387d27bfd5a19
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetCPInfo
IsValidCodePage
GlobalGetAtomNameW
GetOEMCP
GetLocaleInfoA
WriteConsoleA
GetTimeFormatA
GetConsoleOutputCP
SetFilePointer
HeapSize
GetACP
MultiByteToWideChar
EnumResourceTypesA
TlsGetValue
TlsSetValue
SetStdHandle
SetThreadExecutionState
GetDateFormatA
HeapReAlloc
RtlUnwind
TlsAlloc
RaiseException
rpcrt4
RpcStringFreeA
user32
GetDesktopWindow
DispatchMessageA
PeekMessageA
LoadStringA
DispatchMessageW
MessageBoxA
CharNextA
wsprintfA
shell32
SHGetDataFromIDListW
DragAcceptFiles
SHGetFileInfoA
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA
Shell_NotifyIconA
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 95KB - Virtual size: 239KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ