Static task: static1
Behavioral task: behavioral1
Sample: 948bc71f8aae58b5332c10b5396dcbe9_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 948bc71f8aae58b5332c10b5396dcbe9_JaffaCakes118
Size: 284KB
MD5: 948bc71f8aae58b5332c10b5396dcbe9
SHA1: 093ffec233f944752712ead88fcc22dc33ff5554
SHA256: 877cc1c23a5c828a19f01b32d82fcf8b1ee437d756c7c36af7f3013fca575f67
SHA512: 552d0413f803032464f7c0e95ba109d019fda79a5e724e6f8fea2de3cd8836662945d300cf4e523ff8c7c8fa7abacc6e366492d7e508e65a880b80a62cfb00ef
SSDEEP: 6144:5uI1lgMnr1Jq9PkN7RC8aO06RVlavvwBC9kXLAdgmymnHPa/Tqk81KmM:Iqi9Pkl7n0S3av0XLAdnyYvWHmM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 948bc71f8aae58b5332c10b5396dcbe9_JaffaCakes118
Files
948bc71f8aae58b5332c10b5396dcbe9_JaffaCakes118.exe windows:4 windows x86 arch:x86
997e03026351138fbb3401d1d02e195d
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    MultiByteToWideChar
    GlobalGetAtomNameA
    IsValidCodePage
    TlsSetValue
    TlsAlloc
    TlsGetValue
    VirtualAlloc
    GetConsoleOutputCP
    RtlUnwind
    SetFilePointer
    GetDateFormatA
    HeapSize
    EnumResourceNamesA
    GetTimeFormatA
    CreateHardLinkA
    SetStdHandle
    HeapReAlloc
    GetCPInfo
    GetLocaleInfoA
    GetOEMCP
    GetACP
    WriteConsoleA
    RaiseException
  shell32
    SHGetFolderLocation
    ShellExecuteW
    DragAcceptFiles
    SHGetSpecialFolderLocation
    ShellExecuteExW
    SHBrowseForFolderW
    SHAppBarMessage
    SHGetDesktopFolder
    SHGetPathFromIDListW
    SHGetFileInfoW
    SHGetMalloc
    Shell_NotifyIconW
  occache
    FindControlClose
Sections
  .text Size: 136KB - Virtual size: 264KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 1KB - Virtual size: 1KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 145KB - Virtual size: 144KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ