JaffaCakes118_231c813d12836c2870d58d3cc88c7efa | Triage

Sharing

General

Target

JaffaCakes118_231c813d12836c2870d58d3cc88c7efa
Size

178KB
MD5

231c813d12836c2870d58d3cc88c7efa
SHA1

74f3f77519e563513369c6bfd73fd687ebac3ee0
SHA256

21a00430dc7b2ecf702b16f52227f7d558e9397b0d0e5f263416502c289ca3a0
SHA512

51a42872c84db394dd3ce8ecfe9ea8d68507a0970f0fcc967b35c1c7eb030b81737f60d61ca89ae1550e8ca4d6c4a2b5c28670d27604ffd0426b3ba49885ee30
SSDEEP

3072:/L/wyNqSMLufKePcPRD5kFR+rUr1YdDrgXvftX48yr2goxiX:/L/wXLufDwIR6d/gXHtXJm5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_231c813d12836c2870d58d3cc88c7efa

Files

JaffaCakes118_231c813d12836c2870d58d3cc88c7efa
.exe windows:4 windows x86 arch:x86

847cb551d6cab2a2d10f07d6e22a7c16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
WriteConsoleA
HeapSize
GlobalGetAtomNameA
IsValidCodePage
GetDateFormatA
GetACP
HeapReAlloc
GetCPInfo
VirtualAlloc
TlsSetValue
GetLocaleInfoA
GetOEMCP
EnumResourceTypesA
IsSystemResumeAutomatic
GetConsoleOutputCP
RtlUnwind
TlsAlloc
SetStdHandle
MultiByteToWideChar
SetFilePointer
GetTimeFormatA
RaiseException

shell32

SHDefExtractIconA
SHGetFileInfoA
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
DragAcceptFiles
Shell_NotifyIconA

version

GetFileVersionInfoA

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ