cd459b5d7ce33980aa895c511dfbc715_JaffaCakes118 | Triage

Sharing

General

Target

cd459b5d7ce33980aa895c511dfbc715_JaffaCakes118
Size

282KB
MD5

cd459b5d7ce33980aa895c511dfbc715
SHA1

c797f1b77ed83e4dd0f6572a4a1f6f4cd26d9d70
SHA256

6bd7c4de6608a66b29d48912a5a38a1dcf523f4b24f531ec6ca2520193171beb
SHA512

1102c48caaaeaf5ec3bd85d6e824ab89c62244916427a72f7b3d9420ba7db42879087b336d98de7e6525d15b551b4f391ac29115b63741b0256eb3f6d5284ae6
SSDEEP

6144:Izf/4vSu9hHaZBynO1qQZq2kwJD7DOZa6emP/CvL:Izf/c9hHXQY2kqD7DOw6eeaT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd459b5d7ce33980aa895c511dfbc715_JaffaCakes118

Files

cd459b5d7ce33980aa895c511dfbc715_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddba739450f63ae3d114d8e82f8e11c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
TlsAlloc
GlobalGetAtomNameA
GetOEMCP
VirtualAlloc
GetDateFormatA
IsValidCodePage
GetCPInfo
SetFilePointer
GetTimeFormatA
GetACP
TlsGetValue
EnumResourceNamesA
MultiByteToWideChar
RtlUnwind
HeapReAlloc
CreateHardLinkA
WriteConsoleA
GetLocaleInfoA
SetStdHandle
HeapSize
GetConsoleOutputCP
RaiseException

rpcrt4

RpcStringFreeA

shell32

SHGetFolderLocation
SHGetSpecialFolderLocation
ShellExecuteA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetFileInfoA
SHGetMalloc
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteExA
DragAcceptFiles
Shell_NotifyIconA

user32

LoadStringA
GetDesktopWindow
DispatchMessageW
MessageBoxA
PeekMessageA
CharNextA
DispatchMessageA
wsprintfA

Sections

.text
Size: 129KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ