Static task: static1
Behavioral task: behavioral1
Sample: 13d7bf97d8e7dde63984cbbcbbac90c6_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 13d7bf97d8e7dde63984cbbcbbac90c6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 13d7bf97d8e7dde63984cbbcbbac90c6_JaffaCakes118
Size: 297KB
MD5: 13d7bf97d8e7dde63984cbbcbbac90c6
SHA1: 2bba5973abeb47a0e0cb83022cf60d5bbf8c08c1
SHA256: 99345e2640123969a2e782724cc0371b649b786cb9cc2ddff379f6b65bbe9b4f
SHA512: cfd5a6efe25ac5dd32a0dc675f96d5a3da747f477ac8532fea28410adff14e4db13f8a9b5ad76fd51ac1b7fd9af1b908a905497c4c047961d3300af7014d28fe
SSDEEP: 6144:TAUDfGXlNzOfr7X/KAcgtKjH12PuyAs7q1faa5hdG5/8HTF:bqVNzgrj/pc4KL12P02q1y/8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 13d7bf97d8e7dde63984cbbcbbac90c6_JaffaCakes118
Files
13d7bf97d8e7dde63984cbbcbbac90c6_JaffaCakes118.exe windows:4 windows x86 arch:x86
f5b477469cb9e948f250e3ef53fc29ac
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameW
HeapSize
GetLocaleInfoA
VirtualAlloc
SetStdHandle
GetCPInfo
TlsAlloc
IsValidCodePage
TlsSetValue
HeapReAlloc
GetConsoleOutputCP
EnumResourceNamesA
MultiByteToWideChar
GetACP
EnumSystemCodePagesA
GetTimeFormatA
GetDateFormatA
RtlUnwind
WriteConsoleA
GetOEMCP
SetFilePointer
TlsGetValue
RaiseException
occache
FindControlClose
shell32
SHGetDataFromIDListW
DragAcceptFiles
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW
SHAppBarMessage
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
Shell_NotifyIconW
Sections
.text Size: 146KB - Virtual size: 270KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 147KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ