Static task
static1
Behavioral task
behavioral1
Sample
fe404777090823992e32a88c3c717f41_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fe404777090823992e32a88c3c717f41_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fe404777090823992e32a88c3c717f41_JaffaCakes118
Size
286KB
MD5
fe404777090823992e32a88c3c717f41
SHA1
6d0a91386db6da5079e3465f688219ae40f448bd
SHA256
8533e3385fa9396607aa31954a49e079c775e08c58a2dac234cf6e93d14f5347
SHA512
e3c0bc874b20ac9beadc21c2c846c2ed63fbbec02c6ff2207973914b6f53f790f45c5cce1b464e6bdfa3245b7e2100b6150385678cff9ffb2fec0e1dcfef63a4
SSDEEP
6144:huGni7OMhcYL14kxpVoP0n0tCgvcmZTKQ2SHDFrtK:Qmi7OMhcYZ4kjVocn0/kETKiDf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fe404777090823992e32a88c3c717f41_JaffaCakes118
Files
fe404777090823992e32a88c3c717f41_JaffaCakes118.exe windows:4 windows x86 arch:x86
388c51939e3af6bdc843e08c212e5323
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
GetCPInfo
GetACP
SetStdHandle
MultiByteToWideChar
HeapSize
WriteConsoleA
TlsAlloc
GetConsoleOutputCP
TlsGetValue
EnumResourceNamesW
HeapReAlloc
SetFilePointer
RtlUnwind
GetOEMCP
GetTimeFormatA
CreateSemaphoreA
TlsSetValue
IsValidCodePage
VirtualAlloc
GetDateFormatA
GetLocaleInfoA
RaiseException
user32
DispatchMessageA
CharNextA
PeekMessageA
LoadStringA
DispatchMessageW
MessageBoxA
GetDesktopWindow
wsprintfA
shell32
SHGetUnreadMailCountW
SHAppBarMessage
ShellExecuteExA
SHGetPathFromIDListA
DragAcceptFiles
SHGetFileInfoA
SHBrowseForFolderA
Shell_NotifyIconA
rpcrt4
RpcStringFreeA
Sections
.text Size: 137KB - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 146KB - Virtual size: 269KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ