f7c96154b65069ca510bb91097b74b95_JaffaCakes118 | Triage

Sharing

General

Target

f7c96154b65069ca510bb91097b74b95_JaffaCakes118
Size

273KB
MD5

f7c96154b65069ca510bb91097b74b95
SHA1

fa05314ef1257466c705a64870b13d39a11a13ae
SHA256

f1e94b5c0b5dc04bef3c9fb6fa7e0781a97c06af80dd5aadef4572f7fa2efbbb
SHA512

66fdd3854fbcfa1c024ee20ae627c7ad26ad291926f46a64cb6fe09b0a11c32e033b68de8dbcc05a3e1dadeb76d79891607b0ff10b3247d4c2382a95ec4dd7a4
SSDEEP

6144:NMolZxxSIRDjXjoLZrMFUjGWmbuYyGyQ2Mpya34E7csdran4B:NfxRxjzoxqUauL7M3F7ldranO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7c96154b65069ca510bb91097b74b95_JaffaCakes118

Files

f7c96154b65069ca510bb91097b74b95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f08b04066ba83740e438e13cd65fd8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GlobalGetAtomNameW
GetLocaleInfoA
HeapReAlloc
SetFilePointer
IsValidCodePage
GetACP
GetOEMCP
WriteConsoleA
SetStdHandle
MultiByteToWideChar
EnumResourceTypesA
HeapSize
GetConsoleOutputCP
VirtualAlloc
GetCPInfo
TlsSetValue
SetThreadLocale
GetTimeFormatA
TlsGetValue
TlsAlloc
RtlUnwind
RaiseException

rpcrt4

RpcStringFreeA

user32

DispatchMessageA
PeekMessageA
DispatchMessageW
GetDesktopWindow
MessageBoxA
LoadStringA
CharNextA
wsprintfA

shell32

SHGetDataFromIDListW
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteExA
SHGetPathFromIDListA
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ