Sample: f3f14d9e9d00cc5042719271483a5d87_JaffaCakes118.exe
Resource: win7-20241010-en
General
Target: f3f14d9e9d00cc5042719271483a5d87_JaffaCakes118
Size: 283KB
MD5: f3f14d9e9d00cc5042719271483a5d87
SHA1: 46b2dcb37ba8834f222e853b141ecc00984f7882
SHA256: eaafd44c71f155d0226c4a7ac2ac26eda5ef205c92422cde9136aba2d5088127
SHA512: 6bf059142b9d9debd9f64fe63b74695df02344de602c3066325d0acee97e1f35c7d8ee65a99644218e9b2fdd34d58a9721ffc30831c70f0d1aed9e5ab599c851
SSDEEP: 6144:YFB4TgURnE22PeSNJCBbYmBxFgx7W6zbls/MOrMznAAuBexFv2F:YF4ztdOeSNsU4/gxtB87AsAuInv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f3f14d9e9d00cc5042719271483a5d87_JaffaCakes118
Files
f3f14d9e9d00cc5042719271483a5d87_JaffaCakes118.exe windows:4 windows x86 arch:x86
c6a4b2c52529c9da90abfe2a4edc19eb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapSize
GlobalGetAtomNameA
GetDateFormatA
SetFilePointer
RtlUnwind
HeapReAlloc
VirtualAlloc
GetTimeFormatA
TlsAlloc
MultiByteToWideChar
SetStdHandle
WriteConsoleA
TlsSetValue
EnumResourceNamesA
GetOEMCP
GetCPInfo
CreateHardLinkA
GetConsoleOutputCP
TlsGetValue
GetLocaleInfoA
IsValidCodePage
GetACP
RaiseException
shell32
SHGetFolderLocation
SHGetMalloc
SHAppBarMessage
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteExA
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA
occache
FindControlClose
Sections
.text Size: 130KB - Virtual size: 261KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ