Sample: add29eda65680335541ef3fd5bc031ea_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: add29eda65680335541ef3fd5bc031ea_JaffaCakes118
Size: 188KB
MD5: add29eda65680335541ef3fd5bc031ea
SHA1: b4dfd73c92cbd299b08a18074e396571c5476d44
SHA256: ea62c3659c3145e5f3570209479ac6ef0b209d1a35d99fe8ae4fd62661e4c9f4
SHA512: e8c49c70c1f4efd4bd73e2752bd521cb44c1e30672d83975ecd92e88c03ae134818c457b384316fce6c20fc6a6b34841768220e9950edde911dc716e08a4f044
SSDEEP: 3072:V3NwboQCsSOwYqZSwoJKko4mmZtsOHAHLknDdQm5tFyZLP8VRFHt:V3G0B7Zz4nZCOuLknJx5tFyZLGl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource add29eda65680335541ef3fd5bc031ea_JaffaCakes118
Files
-
add29eda65680335541ef3fd5bc031ea_JaffaCakes118.exe windows:4 windows x86 arch:x86
af1394cf798a9ce03f6d1c0ce1d5f100
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
GetLocaleInfoA
HeapReAlloc
GetAtomNameA
RtlUnwind
VirtualAlloc
IsValidCodePage
GetTimeFormatA
SetFilePointer
HeapSize
MultiByteToWideChar
GetCPInfo
TlsGetValue
EnumResourceTypesA
GetUserGeoID
GetDateFormatA
GetConsoleOutputCP
TlsSetValue
WriteConsoleA
TlsAlloc
GetOEMCP
SetStdHandle
RaiseException
user32
GetDesktopWindow
DispatchMessageA
MessageBoxA
LoadStringA
CharNextA
PeekMessageA
DispatchMessageW
wsprintfA
rpcrt4
RpcStringFreeA
shell32
SHGetUnreadMailCountW
ShellExecuteExA
DragAcceptFiles
SHBrowseForFolderA
SHGetFileInfoA
SHAppBarMessage
SHGetPathFromIDListA
Shell_NotifyIconA
Sections
.text Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 90KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ