13dae238d4d43d103463969520eccbf5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13dae238d4d43d103463969520eccbf5_JaffaCakes118
Size

186KB
MD5

13dae238d4d43d103463969520eccbf5
SHA1

9e26ab25fe658c32c79bf500d54b9a9ebc652de2
SHA256

25dcd8e8a140520fec08e69e5fe48f3446710f46b8f9d0a8567355bebe4399de
SHA512

9e580218a4987ab36da6b700335a998b85dc8d051093d7e357911331a2d33f1de042cb871462efe3845f3e7fcb174569dd6068e24d553b02379a7ffe2b1b7dee
SSDEEP

3072:+GKHmHlOkZFNtfeimGS2Q8gHzABgGSYCGbBgjHuaHSCjcvg/+r/zynMom:+VHWlttWn52xi0BgG78H/HSGcvg/qOM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13dae238d4d43d103463969520eccbf5_JaffaCakes118

Files

13dae238d4d43d103463969520eccbf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58f9af14a3150a18c6fb286fc8f031ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
HeapSize
GlobalGetAtomNameW
GetACP
GetConsoleOutputCP
MultiByteToWideChar
GetLocaleInfoA
TlsSetValue
GetCPInfo
VirtualAlloc
EnumResourceNamesA
RtlUnwind
GetOEMCP
GetDateFormatA
TlsAlloc
GetModuleHandleA
TlsGetValue
IsValidCodePage
HeapReAlloc
SetStdHandle
WriteConsoleA
SetFilePointer
RaiseException

shell32

SHCreateStdEnumFmtEtc
ShellExecuteExW
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
DragAcceptFiles
SHGetPathFromIDListW
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
Shell_NotifyIconW

occache

FindControlClose

Sections

.text
Size: 88KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ