Static task: static1
Behavioral task: behavioral1
Sample: d64f5489e67217f42d57dd6e62da3557_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d64f5489e67217f42d57dd6e62da3557_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d64f5489e67217f42d57dd6e62da3557_JaffaCakes118
Size: 270KB
MD5: d64f5489e67217f42d57dd6e62da3557
SHA1: 96a9d70e7fc8ea6c86a5382df8b161b069bef243
SHA256: 00888a3f7e158d8212fdce6622591927d329e235f8edfadf9b5fc85feae11e32
SHA512: 5b745c79f02ca2b9ec35fb8017841e29a4ed1633fac7095bbf81e8b89a29e685acc0281fcc2e910ee52f1abd9e3aaaba6601ec4a4588199e8778f5b5f1c77035
SSDEEP: 6144:QrzDLpZxd5DNTrtH1/zqKTYtIe+PQLwm9dt3eD:QnD1zXHJNPNm9dc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d64f5489e67217f42d57dd6e62da3557_JaffaCakes118
Files
d64f5489e67217f42d57dd6e62da3557_JaffaCakes118.exe windows:4 windows x86 arch:x86
0be4603e442a7254769d318e12e7f7e8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
TlsGetValue
GlobalGetAtomNameW
GetACP
MultiByteToWideChar
RtlUnwind
GetDateFormatA
HeapReAlloc
IsValidCodePage
GetCPInfo
VirtualAlloc
EnumResourceTypesA
GetTimeFormatA
GetConsoleOutputCP
SetStdHandle
TlsSetValue
WriteConsoleA
SetThreadLocale
TlsAlloc
HeapSize
SetFilePointer
GetLocaleInfoA
RaiseException
user32
DispatchMessageA
MessageBoxA
PeekMessageA
LoadStringA
DispatchMessageW
GetDesktopWindow
CharNextA
wsprintfA
rpcrt4
RpcStringFreeA
shell32
SHGetDataFromIDListW
SHGetFileInfoA
DragAcceptFiles
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
Sections
.text Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 152KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ