Sample
a8b5432081140d1ca233ca337e9c7338_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target
a8b5432081140d1ca233ca337e9c7338_JaffaCakes118
Size
180KB
MD5
a8b5432081140d1ca233ca337e9c7338
SHA1
ea4a72659fb2cd06678f63f8c0c81e1f728dd8e5
SHA256
be86d7a92a47b92e9fd5e0247580ff9c3932f0a630f696a4f3794a46978dd3e7
SHA512
4efef6eac611f8b664999cf48e7366e7bb63bff718b35234bf1d44f78c4f32b4ef2ad0c2cc56b0dbc78eec48b0971a77a91e30ef4e42762c35c6f3ec7d71449c
SSDEEP
3072:tN9VzO7snHa5MMZh3b7sy3n84Gyycq05ZsauFN6+qT7wkF9x3kDd7Q14R0:n3zOYHa5MMLhnIFXpy7kK14R0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a8b5432081140d1ca233ca337e9c7338_JaffaCakes118
Files
a8b5432081140d1ca233ca337e9c7338_JaffaCakes118.exe windows:4 windows x86 arch:x86
86b30abea9bf7d81b00a0a7b02633b59
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameW
VirtualAlloc
SetStdHandle
GetOEMCP
HeapReAlloc
IsValidCodePage
RtlUnwind
TlsSetValue
WriteConsoleA
TlsGetValue
HeapSize
GetCPInfo
EnumResourceTypesA
GetTimeFormatA
SetFilePointer
SetThreadExecutionState
GetConsoleOutputCP
GetACP
GetLocaleInfoA
GetDateFormatA
TlsAlloc
MultiByteToWideChar
RaiseException
rpcrt4
RpcStringFreeA
user32
PeekMessageA
GetDesktopWindow
DispatchMessageW
MessageBoxA
LoadStringA
DispatchMessageA
CharNextA
wsprintfA
shell32
SHGetDataFromIDListW
SHGetPathFromIDListA
SHBrowseForFolderA
DragAcceptFiles
SHGetFileInfoA
ShellExecuteExA
Shell_NotifyIconA
Sections
.text Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 87KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ