Static task: static1
Behavioral task: behavioral1
Sample: e3f540d2c1bec03f3dacc75d0057b942_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: e3f540d2c1bec03f3dacc75d0057b942_JaffaCakes118
Size: 176KB
MD5: e3f540d2c1bec03f3dacc75d0057b942
SHA1: ce65f2ba83a7d9d997566c60ff0f43fe8565d348
SHA256: 319edcd705e76c1ae09e9ef383a964a042c71d6cd859f6181ab7b16d678e4afe
SHA512: b7c81f66d52be1a28049d8f7220453611cee326f6ccbf458b37aa0f1ca4f7b36fc4303d381aeb62ddb0623f0b45f6b779a4dc6b7380f843d1cb98a086d190baa
SSDEEP: 3072:/CsNAKJx/U5Z5X81JAhMcQM3+2Kl9Vd/PwmJ35I7EFEes5iPMARCksh2c6JNB5oS:/DAQG5GJgMcvgl/Pwc36OpXR+hF6z7bX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e3f540d2c1bec03f3dacc75d0057b942_JaffaCakes118
Files
e3f540d2c1bec03f3dacc75d0057b942_JaffaCakes118.exe windows:4 windows x86 arch:x86
f4f687f8ed26375f8219f52a85a872d0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCPInfo
GetAtomNameW
GetLocaleInfoA
WriteConsoleA
GetOEMCP
GetTimeFormatA
RtlUnwind
HeapSize
TlsGetValue
GetConsoleOutputCP
HeapReAlloc
GetDateFormatA
EnumResourceNamesA
VirtualAlloc
SetStdHandle
EnumSystemCodePagesA
TlsAlloc
TlsSetValue
SetFilePointer
IsValidCodePage
MultiByteToWideChar
GetACP
RaiseException
shell32
SHGetDataFromIDListW
DragAcceptFiles
SHAppBarMessage
SHGetFileInfoW
ShellExecuteExW
SHGetMalloc
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 83KB - Virtual size: 475KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ