Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_3b47e68af9c013c802c90b642f9550e8.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_3b47e68af9c013c802c90b642f9550e8
Size
186KB
MD5
3b47e68af9c013c802c90b642f9550e8
SHA1
351f773a58ce9e6f77a7b9800f8799fd4f291a28
SHA256
155af7464372dfda614f0a840ce020d113b82193ed6269e05ffc169da6c10626
SHA512
27c62b9e557a7ed57c35cbe39a5ff8a5566206e223cf416d8aa563e0189b9a1fab2787ddf63a3f0281f6c1b2241d2e496389ca823cd798544d015f86b3b786d5
SSDEEP
3072:rLGJRkDBOxGI3Y7FGBjMu80ND0y44eRK0p/WthgL/onpml9aMejt8NW/KO169Pnf:rLGTkVOP3GFilDaR7BWDgL/Q4Tit8NWK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_3b47e68af9c013c802c90b642f9550e8
Files
JaffaCakes118_3b47e68af9c013c802c90b642f9550e8.exe windows:4 windows x86 arch:x86
50222fff03c4f1ed11e4872a187fe241
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
HeapSize
RtlUnwind
GetDateFormatA
WriteConsoleA
GetOEMCP
GetTimeFormatA
GetLocaleInfoA
SetStdHandle
TlsAlloc
GetConsoleOutputCP
EnumResourceTypesW
GetCPInfo
SetFilePointer
VirtualAlloc
TlsGetValue
GetUserGeoID
TlsSetValue
GetACP
HeapReAlloc
MultiByteToWideChar
IsValidCodePage
RaiseException
user32
LoadStringA
PeekMessageA
MessageBoxA
CharNextA
GetDesktopWindow
DispatchMessageW
DispatchMessageA
wsprintfA
rpcrt4
RpcStringFreeA
shell32
SHGetUnreadMailCountW
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA
SHGetFileInfoA
SHAppBarMessage
DragAcceptFiles
Shell_NotifyIconA
Sections
.text Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ