Static task
static1
Behavioral task
behavioral1
Sample
ad92ee8875bc8ccf4ad76645d7822ebc_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target: ad92ee8875bc8ccf4ad76645d7822ebc_JaffaCakes118
Size: 188KB
MD5: ad92ee8875bc8ccf4ad76645d7822ebc
SHA1: 57c7745cc7753155eeb6d9f2b340a9f30f8f669e
SHA256: 44392fd6f4fd391e65a920b570e2bb66ded66720f6f631c365591ac769370def
SHA512: 9933ec5e289b47a5eaac420b67123c624cc531a84497e736be2da20c74b3a5a5cb704244d5853a73117e6d52799c565899da1278616ee30e500fd923bb4cf44a
SSDEEP: 3072:LhG3HMZ8cUJf4gWN2QFoRm/NReKQrwIUcxzyzIeNtQV4RmUCncwa/zfb7I3eccXk:43HMJsXWst0/rT/I3tkDtmB9ncwaLfIt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad92ee8875bc8ccf4ad76645d7822ebc_JaffaCakes118
Files
ad92ee8875bc8ccf4ad76645d7822ebc_JaffaCakes118.exe windows:4 windows x86 arch:x86
cd63c096e2fa04cafa52013be9248b2c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetConsoleOutputCP
GetACP
GlobalGetAtomNameW
VirtualAlloc
GetOEMCP
HeapSize
SetFilePointer
MultiByteToWideChar
GetCPInfo
GetLocaleInfoA
EnumResourceTypesW
TlsGetValue
SetStdHandle
IsValidCodePage
SetUserGeoID
GetDateFormatA
TlsAlloc
HeapReAlloc
WriteConsoleA
GetTimeFormatA
TlsSetValue
RaiseException
rpcrt4
RpcStringFreeA
shell32
SHGetUnreadMailCountW
ShellExecuteExA
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
DragAcceptFiles
Shell_NotifyIconA
user32
LoadStringA
DispatchMessageA
MessageBoxA
DispatchMessageW
PeekMessageA
CharNextA
GetDesktopWindow
wsprintfA
Sections
.text Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 223KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ