Static task
static1
Behavioral task
behavioral1
Sample
c05073aad6f0fa15fc8fdd29eb83b83a_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c05073aad6f0fa15fc8fdd29eb83b83a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
c05073aad6f0fa15fc8fdd29eb83b83a_JaffaCakes118
Size
294KB
MD5
c05073aad6f0fa15fc8fdd29eb83b83a
SHA1
d2d49685c48c1a9840bf354512109ab3d65dea53
SHA256
b9ba97fc845dbaa29e08a2b82042bb880c4c95d4f01a1a824faa0c8ea62190b2
SHA512
f5460701106b3515571c18b27c920b2ae1c54d83261cb2647e867657fecdd9ba051156d003af848cc9d9ae95627cdf98954c33065d35ea05157171f42a63d606
SSDEEP
6144:PArzVQnE8sgdem2fHD/UH0zSd3OteAhaXm3MmyZSP5bbiJM+o2j8rkaynWZk:S4E8sgdem2fTUH0WB85hCeMmMSBJBZrK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c05073aad6f0fa15fc8fdd29eb83b83a_JaffaCakes118
Files
c05073aad6f0fa15fc8fdd29eb83b83a_JaffaCakes118.exe windows:4 windows x86 arch:x86
3921c2e82376b2700c803c095dbd96ae
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleOutputCP
HeapSize
GetACP
GetAtomNameW
IsValidCodePage
GetDateFormatA
HeapReAlloc
VirtualAlloc
SetFilePointer
GetOEMCP
EnumResourceNamesA
TlsGetValue
GetTimeFormatA
SetStdHandle
TlsSetValue
WriteConsoleA
EnumSystemCodePagesA
RtlUnwind
TlsAlloc
MultiByteToWideChar
GetCPInfo
GetLocaleInfoA
RaiseException
shell32
SHGetDataFromIDListW
DragAcceptFiles
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteW
SHAppBarMessage
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 140KB - Virtual size: 267KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 151KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ