Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_0f8ff1d02f4d2ab438537afb36cf0bfd.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_0f8ff1d02f4d2ab438537afb36cf0bfd
Size: 166KB
MD5: 0f8ff1d02f4d2ab438537afb36cf0bfd
SHA1: 468fc26a61057e42e34fd9d7ca567d81b4fe7b07
SHA256: 27dbd55f0a916a37c858ebcad87c4fd4b56d30768c6b8fad1b7bd52d3da9321d
SHA512: c9460d922a16272e8c902a2f9b240e811a12903265a9d907b5ee29fc5c7dd67d705ac22115de815626619f5a1511692f40a3a456ec4f9ebddd37893e6ff82c69
SSDEEP: 3072:H45D2T8WZ9Et60okcy94lywywBs6zukCSQlx93WH9wQ/QRgpcNGSH2RCxzo:H48pEt60o1yMyT+sRhT93fQ/Y6cNGSWK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_0f8ff1d02f4d2ab438537afb36cf0bfd
Files
JaffaCakes118_0f8ff1d02f4d2ab438537afb36cf0bfd.exe windows:4 windows x86 arch:x86
fd49913252539d94334601bbb1455df4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
MultiByteToWideChar
SetStdHandle
GlobalGetAtomNameW
GetConsoleOutputCP
GetTimeFormatA
WriteConsoleA
RtlUnwind
GetACP
GetCPInfo
EnumResourceTypesA
VirtualAlloc
TlsAlloc
HeapSize
GetDateFormatA
TlsGetValue
IsValidCodePage
SetThreadLocale
HeapReAlloc
SetFilePointer
TlsSetValue
GetLocaleInfoA
RaiseException
rpcrt4
RpcStringFreeA
user32
CharNextA
GetDesktopWindow
PeekMessageA
DispatchMessageW
DispatchMessageA
MessageBoxA
LoadStringA
wsprintfA
shell32
SHGetDataFromIDListW
ShellExecuteExA
DragAcceptFiles
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 475KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ