JaffaCakes118_128002ba2034313b5ee8ae7b962b1ba6 | Triage

Resubmissions

13-01-2025 04:38

250113-e9kmhswmds 10

12-01-2025 15:55

250112-tc3jdsymcz 10

Sharing

General

Target

JaffaCakes118_128002ba2034313b5ee8ae7b962b1ba6
Size

287KB
MD5

128002ba2034313b5ee8ae7b962b1ba6
SHA1

63d1abdd81c0630f2c8afd4be32e8dce2fcb6d73
SHA256

2b2c5f7bd2c76e12ae57782ec34ec76390923258f11860a800d53756eab6989e
SHA512

8309fb3854886f10377b5c5f11380cea1ad99ec00a2434eb99c218e6c3003ef117775b25e290fda4b636b243a0d2da1f9af80009bcc17a8c031551c12c838869
SSDEEP

6144:RuOsFiolw4pTBBZ0jkbno6/3MBftnpqcQC3HzSBrph+HavbfH:sZicfSeo6/qft43ckP+6jfH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_128002ba2034313b5ee8ae7b962b1ba6

Files

JaffaCakes118_128002ba2034313b5ee8ae7b962b1ba6
.exe windows:4 windows x86 arch:x86

676d03668cc47d56045a78061fca2ed0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetCPInfo
VirtualAlloc
GetAtomNameA
GetOEMCP
HeapSize
WriteConsoleA
MultiByteToWideChar
RtlUnwind
HeapReAlloc
GetLocaleInfoA
GetTimeFormatA
IsValidCodePage
EnumResourceTypesA
GetDateFormatA
CreateToolhelp32Snapshot
SetStdHandle
GetACP
TlsSetValue
TlsGetValue
GetConsoleOutputCP
TlsAlloc
RaiseException

shell32

SHGetUnreadMailCountW
SHBrowseForFolderA
SHAppBarMessage
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExA
DragAcceptFiles
Shell_NotifyIconA

user32

MessageBoxA
DispatchMessageW
LoadStringA
CharNextA
GetDesktopWindow
DispatchMessageA
PeekMessageA
wsprintfA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ