Static task
static1
Behavioral task
behavioral1
Sample
c9f9737348a543e60117ab280dded5cd_JaffaCakes118.exe
Resource
win7-20241023-en
General
Target
c9f9737348a543e60117ab280dded5cd_JaffaCakes118
Size
173KB
MD5
c9f9737348a543e60117ab280dded5cd
SHA1
6eb3695864b28ebe99b44e2bed88c1f924a3d26c
SHA256
600407241da060c46887b337564359531405adfbfa92475a3100aaa559807ec5
SHA512
c5a5c28e478cfe60f0a19990c4e815934b72e250b625d1f98d722c235c26e5a063459765e162521d4c4c2ea87dfb5b08267c45c362b799a387611b5f7207d455
SSDEEP
3072:i9DX4mWWPLBFls716MUediJUBID4eJJ901FZnE5Fl90H9sTffK3M8fonrhWEByMv:iRFNLBFqXUtUSJy1Q5F0H9wq3Mi8DBHn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c9f9737348a543e60117ab280dded5cd_JaffaCakes118
Files
c9f9737348a543e60117ab280dded5cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
c7f6d28a503f8c9bf4944120641a115d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeFormatA
RtlUnwind
GetAtomNameA
SetFilePointer
SetStdHandle
WriteConsoleA
GetLocaleInfoA
HeapReAlloc
HeapSize
GetDateFormatA
MultiByteToWideChar
IsValidCodePage
EnumResourceTypesA
TlsSetValue
CreateToolhelp32Snapshot
VirtualAlloc
GetCPInfo
TlsAlloc
GetConsoleOutputCP
GetOEMCP
GetACP
TlsGetValue
RaiseException
user32
CharNextA
MessageBoxA
PeekMessageA
DispatchMessageA
DispatchMessageW
LoadStringA
GetDesktopWindow
wsprintfA
rpcrt4
RpcStringFreeA
shell32
SHGetUnreadMailCountW
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
SHAppBarMessage
DragAcceptFiles
SHGetFileInfoA
Shell_NotifyIconA
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ