Static task
static1
Behavioral task
behavioral1
Sample
a8ae4098ec4487575459754266c47de5_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
a8ae4098ec4487575459754266c47de5_JaffaCakes118
Size
281KB
MD5
a8ae4098ec4487575459754266c47de5
SHA1
8daad8626d332fcae5efbb4178cfa1b933f667d5
SHA256
6b53c11d275b8b12ba4ecd2dcb60329747df81874b25cdd5addba781b91cd0f6
SHA512
df5e2df51d6e8414860d30277c0f22315972da7a2ee2bac67902344098ef513cd001f57c8a6be20ab76db73003500b2f3655a307c417479f41fac8f6b5b32e6b
SSDEEP
6144:hG9fc8FuSTCIxJnMqktvhIaQvg2/bu36gVswSGqTtld1+Vm:hG9fc8fvxiqkQaQY2/buKYPIn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a8ae4098ec4487575459754266c47de5_JaffaCakes118
Files
a8ae4098ec4487575459754266c47de5_JaffaCakes118.exe windows:4 windows x86 arch:x86
3b2193edf99ced5b6558899952bb96cb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
WriteConsoleA
GetTimeFormatA
GetLocaleInfoA
GetOEMCP
VirtualAlloc
TlsSetValue
GetDateFormatA
IsValidCodePage
MultiByteToWideChar
SetStdHandle
HeapReAlloc
GetConsoleOutputCP
EnumResourceNamesA
TlsGetValue
CreateHardLinkA
GetCPInfo
HeapSize
GetACP
SetFilePointer
RtlUnwind
TlsAlloc
RaiseException
shell32
SHGetFolderLocation
SHGetFileInfoW
SHBrowseForFolderW
SHGetMalloc
SHAppBarMessage
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragAcceptFiles
ShellExecuteExW
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 125KB - Virtual size: 256KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 153KB - Virtual size: 153KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ