JaffaCakes118_66bac2cece5077089071c5bd711cdcd0 | Triage

Sharing

General

Target

JaffaCakes118_66bac2cece5077089071c5bd711cdcd0
Size

114KB
MD5

66bac2cece5077089071c5bd711cdcd0
SHA1

2718131654fb2edace3e5e35a9dfd3511f3e7022
SHA256

6552297453b219fd10e9d7e8eeee600adec77fdeb9e22d44700cb069a1ae126c
SHA512

b89b86654d09924ae398afbc2d6912f6da9128d544e2e53ade383e77b557535fec378f4e023ec48c3a55e332308a839c4d4c46fbd913bf32bf10f124ff14daf2
SSDEEP

3072:2541XzQdeGnkQJBezf73mvl2GPdIFmAx32hqkO:2tgGkQ/KS0GP2FmAx3gO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_66bac2cece5077089071c5bd711cdcd0

Files

JaffaCakes118_66bac2cece5077089071c5bd711cdcd0
.exe windows:4 windows x86 arch:x86

734f1a17d6dbfe0c1aabd41f716f4332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleW
HeapCreate
GetFileSize
ReleaseMutex
GetFileTime
IsBadStringPtrA
ReadFile
GetCurrentDirectoryA
GetLastError
lstrcpyW
IsValidLocale
CloseHandle
FindResourceA
SetPriorityClass
GetModuleHandleA
IsBadCodePtr
lstrlenW
WriteConsoleW
GetStartupInfoA
GetFileAttributesA
WriteConsoleW

msftedit

SetCustomTextOutHandlerEx
RichComboBoxWndProc
RichListBoxWndProc
RichEditWndProc

shell32

SHGetMalloc
DragAcceptFiles
DragQueryFileA
DuplicateIcon
ExtractIconA
SHGetFileInfoA
SHGetSettings
StrChrA
ShellAboutA
ShellAboutA
ShellMessageBoxA
ShellMessageBoxA
SHGetMalloc

msasn1

ASN1BERDecEoid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 1024B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ