Static task
static1
Behavioral task
behavioral1
Sample
e53d5f6a8efc6e31d4f56b9d8841275f_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
e53d5f6a8efc6e31d4f56b9d8841275f_JaffaCakes118
Size
165KB
MD5
e53d5f6a8efc6e31d4f56b9d8841275f
SHA1
4cfe2dbd02182c160199ec84e5d6555102b8f246
SHA256
37f3cdb5d0221a875a5f151e6f01c273b3e225d8886cad481c1d054a9680b924
SHA512
db951769e3e135cc3b2aa661dd6cbe693ddffb691faa3fc63826782a79d5fcd4eb7a505260e26231205f03d90e3d6941c039fb34d6d9fdca89c66d920127a9b4
SSDEEP
3072:tXRVUWm/NO0z6Qm35ed/hc9rzuhGbpObz4BnKyD16VC5ina6DhXd6G2:tXvANWP8GwXiX6V
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource e53d5f6a8efc6e31d4f56b9d8841275f_JaffaCakes118
Files
e53d5f6a8efc6e31d4f56b9d8841275f_JaffaCakes118.exe windows:4 windows x86 arch:x86
338a9da43c6baf4add77c7e6f8769f6c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapReAlloc
GetACP
GlobalGetAtomNameW
IsValidCodePage
HeapSize
TlsGetValue
GetCPInfo
TlsAlloc
GetDateFormatA
VirtualAlloc
GetLocaleInfoA
RtlUnwind
EnumResourceTypesA
GetOEMCP
SetFilePointer
SetStdHandle
GetTimeFormatA
SetThreadLocale
TlsSetValue
GetConsoleOutputCP
MultiByteToWideChar
WriteConsoleA
RaiseException
user32
DispatchMessageW
GetDesktopWindow
CharNextA
MessageBoxA
LoadStringA
PeekMessageA
DispatchMessageA
wsprintfA
shell32
SHGetDataFromIDListW
DragAcceptFiles
SHGetPathFromIDListA
ShellExecuteExA
SHBrowseForFolderA
SHGetFileInfoA
Shell_NotifyIconA
rpcrt4
RpcStringFreeA
Sections
.text Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 77KB - Virtual size: 472KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ