ecb228ac42017ad01f44325eb7a33105_JaffaCakes118 | Triage

Sharing

General

Target

ecb228ac42017ad01f44325eb7a33105_JaffaCakes118
Size

275KB
MD5

ecb228ac42017ad01f44325eb7a33105
SHA1

7fcdb8d5ba7fb10c2c70c2e078fb70a1fa55d94c
SHA256

c8ab2d803c925ac75930a74500090458300e8f1c79b35495a38fdd5b8b05fb91
SHA512

b3bfe7ec82d6a0646a57082eaed8ddeffb671266bf845515aa7b7109ec735c8e4230dc6c5cfaeac9901199dabe20bb1e35eabf2c488c20194da05265bd4ce6cd
SSDEEP

6144:zoV42fp5LWClaTdATs0pjJr5GQqmMOBs91C6beffXcEi3TvqfvGWCW5m:zoVXzLWcaBAX/geMX9I6KX/4TvgG1wm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecb228ac42017ad01f44325eb7a33105_JaffaCakes118

Files

ecb228ac42017ad01f44325eb7a33105_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71851c32ce782250552c168f87a9134d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
IsValidCodePage
HeapSize
GlobalGetAtomNameW
SetFilePointer
TlsSetValue
SetStdHandle
TlsAlloc
WriteConsoleA
GetTimeFormatA
MultiByteToWideChar
EnumResourceTypesA
GetCPInfo
GetLocaleInfoA
SetThreadLocale
GetConsoleOutputCP
GetACP
GetOEMCP
RtlUnwind
GetDateFormatA
VirtualAlloc
TlsGetValue
RaiseException

user32

PeekMessageA
DispatchMessageA
CharNextA
DispatchMessageW
GetDesktopWindow
LoadStringA
MessageBoxA
wsprintfA

shell32

SHGetDataFromIDListW
SHGetFileInfoA
DragAcceptFiles
SHGetPathFromIDListA
ShellExecuteExA
SHBrowseForFolderA
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ