JaffaCakes118_654da3a688777ad0bb34678cac648ea0 | Triage

Sharing

General

Target

JaffaCakes118_654da3a688777ad0bb34678cac648ea0
Size

115KB
MD5

654da3a688777ad0bb34678cac648ea0
SHA1

458261040fecd4107270fd6f34a2d071022862cf
SHA256

ec23028f37e8435b3e7c2ecb187345f9e5ad458b09f48a1a7aefb2a621d22f00
SHA512

970ec6c21abff23019c68fce31580bc02631051b1ed8b78967a0c35f953ca1f4f4270c42a4b320f600b48374cc3f84458f84b64a4529b1683a7a9b4efabc2f7e
SSDEEP

3072:zyVShrzw7jUsbMUF9Mj7Zra7mjVinzh4dB:yGrzwPUGMg6U7mjWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_654da3a688777ad0bb34678cac648ea0

Files

JaffaCakes118_654da3a688777ad0bb34678cac648ea0
.exe windows:4 windows x86 arch:x86

976a0bd579170c5086c1ac165b57507e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreatePipe
CloseHandle
IsValidLocale
GetFileAttributesA
WriteConsoleW
lstrcpyW
IsBadCodePtr
GetStartupInfoA
lstrlenW
GetFileSize
GetLastError
GetFileTime
HeapCreate
IsBadStringPtrA
WriteConsoleW
CopyFileW
GetModuleHandleA
WriteConsoleW
GetCurrentDirectoryA
SetPriorityClass
ReleaseMutex

msftedit

RichComboBoxWndProc
RichEditWndProc
RichListBoxWndProc
SetCustomTextOutHandlerEx

shell32

ShellMessageBoxA
ExtractIconA
ShellMessageBoxA
DuplicateIcon
StrChrA
SHGetFileInfoA
DragQueryFileA
DragAcceptFiles
SHGetMalloc
SHGetSettings
SHGetMalloc
ShellAboutA
ShellAboutA

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ