Static task
static1
Behavioral task
behavioral1
Sample
d642c4afd66e73bd3301b521e1868320_JaffaCakes118.exe
Resource
win7-20240729-en
General
Target
d642c4afd66e73bd3301b521e1868320_JaffaCakes118
Size
185KB
MD5
d642c4afd66e73bd3301b521e1868320
SHA1
49db0f732abd4d60dea25d373d0dc5c1db7cd39d
SHA256
899d4bd59decc342a84f91db4333a8e171792b6e6ef09dc03952187d965c76aa
SHA512
0f18a92bc18f8266ff500a9e9cf76b4b4a504ca01ad036cb5ba7681d9d6fab749c695c007acb90a7fcc384b11193e8ebd623c22164170cc449c3ae6faf490e78
SSDEEP
3072:Q3y9TNgua+mBuaH7l5nmOD6st4S5xAOoujmDX8JXAOeHcdOUO9Xtq0tw4c:moN0+m8OllD6JqxeujU8JXGcwt1tXwb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d642c4afd66e73bd3301b521e1868320_JaffaCakes118
Files
d642c4afd66e73bd3301b521e1868320_JaffaCakes118.exe windows:4 windows x86 arch:x86
f6b7a1f8702da53af73d134fdac38b08
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
RtlUnwind
TlsSetValue
IsValidCodePage
SetFilePointer
MultiByteToWideChar
VirtualAlloc
SetStdHandle
GetCPInfo
HeapReAlloc
GetConsoleOutputCP
EnumResourceNamesA
GetOEMCP
GetLocaleInfoA
GetDateFormatA
GetModuleHandleW
TlsAlloc
GetTimeFormatA
WriteConsoleA
TlsGetValue
HeapSize
GetACP
RaiseException
shell32
SHGetFolderLocation
SHGetMalloc
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragAcceptFiles
SHAppBarMessage
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 85KB - Virtual size: 225KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ