Static task
static1
Behavioral task
behavioral1
Sample
107d56c6e5e2602117f574298874c787_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
107d56c6e5e2602117f574298874c787_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
107d56c6e5e2602117f574298874c787_JaffaCakes118
Size
284KB
MD5
107d56c6e5e2602117f574298874c787
SHA1
628c9dfab82449e62c52a56cc5def30e276b09ec
SHA256
89945b5cb4bd1d32f1e60e21b639911a90ae043d9476503c56f7535b50b1b063
SHA512
9476c6dfa52009041ff706d557be6afc8a688fbaceffd1aa5d596c48cd32659504cb99f65582375cde97945a16de4e4fc458aee88759c9a74dd2167be48c6dd1
SSDEEP
6144:5uIdlgMnr1Jq9PkN7RC8aO06RVlavvwBC9kXLAdgmymnHPa/Tqk81KmM:I6i9Pkl7n0S3av0XLAdnyYvWHmM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 107d56c6e5e2602117f574298874c787_JaffaCakes118
Files
107d56c6e5e2602117f574298874c787_JaffaCakes118.exe windows:4 windows x86 arch:x86
997e03026351138fbb3401d1d02e195d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GlobalGetAtomNameA
IsValidCodePage
TlsSetValue
TlsAlloc
TlsGetValue
VirtualAlloc
GetConsoleOutputCP
RtlUnwind
SetFilePointer
GetDateFormatA
HeapSize
EnumResourceNamesA
GetTimeFormatA
CreateHardLinkA
SetStdHandle
HeapReAlloc
GetCPInfo
GetLocaleInfoA
GetOEMCP
GetACP
WriteConsoleA
RaiseException
shell32
SHGetFolderLocation
ShellExecuteW
DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteExW
SHBrowseForFolderW
SHAppBarMessage
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetFileInfoW
SHGetMalloc
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 136KB - Virtual size: 264KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ