Static task: static1
Behavioral task: behavioral1
Sample: cc0053aba0a250c503a2ef112ff70032_JaffaCakes118.exe
Resource: win7-20240729-en
General
Target: cc0053aba0a250c503a2ef112ff70032_JaffaCakes118
Size: 283KB
MD5: cc0053aba0a250c503a2ef112ff70032
SHA1: 5faa06ae174e4a64e15a5e48c73224c79ea5302b
SHA256: eb2d3f3a35e2b8eeed9c0dec4d748f06410281463587c03f6b9d0b8b2ede2f9a
SHA512: 1de1419c0ffdc420614bc5668b2b15ab56b2297dfb73bb337604455c5644c1d684eba0736a290bd87f16d278409050a2f2c8de18d9571f7ee985796080f95e10
SSDEEP: 6144:YFB4TgU5nE22PeSNJCBbYmBxFgx7W6zbls/MOrMznAAuBexFv2F:YF4zldOeSNsU4/gxtB87AsAuInv
Malware Config
Signatures
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
resource: cc0053aba0a250c503a2ef112ff70032_JaffaCakes118
Files
cc0053aba0a250c503a2ef112ff70032_JaffaCakes118.exe windows:4 windows x86 arch:x86
c6a4b2c52529c9da90abfe2a4edc19eb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapSize
GlobalGetAtomNameA
GetDateFormatA
SetFilePointer
RtlUnwind
HeapReAlloc
VirtualAlloc
GetTimeFormatA
TlsAlloc
MultiByteToWideChar
SetStdHandle
WriteConsoleA
TlsSetValue
EnumResourceNamesA
GetOEMCP
GetCPInfo
CreateHardLinkA
GetConsoleOutputCP
TlsGetValue
GetLocaleInfoA
IsValidCodePage
GetACP
RaiseException
shell32
SHGetFolderLocation
SHGetMalloc
SHAppBarMessage
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteExA
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA
occache
FindControlClose
Sections
.text Size: 130KB - Virtual size: 261KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 149KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ