Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_3be07720d75271452be60d7ea80d508a.exe
Resource
win7-20241010-en
General
Target
JaffaCakes118_3be07720d75271452be60d7ea80d508a
Size
177KB
MD5
3be07720d75271452be60d7ea80d508a
SHA1
ce8685fbc1a0ef90eab3911b64e3cfebd60238c2
SHA256
2125a1e00be1bd129634cdd69d9540a4c49ae1864702547ada32ec70da42c95c
SHA512
375a01be852e44e3025b06f6cc58902fd12f465c028cdbe28e537218b27e00ce81fa6c038c13aae49632a1e3aea1229086dade40721f509c9f022794113af897
SSDEEP
3072:AWdbPR3RVFNvm8L8ds89HNnXbIygHVP3txJDnWUUXK6sAkqOjwPp1ipLitl9:XhPRH/vfL8dV9HNMygHVPrVWUUXK8kqt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_3be07720d75271452be60d7ea80d508a
Files
JaffaCakes118_3be07720d75271452be60d7ea80d508a.exe windows:4 windows x86 arch:x86
f06fbe232175e3821e7e95fa330e2ccb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsAlloc
RtlUnwind
HeapReAlloc
GetAtomNameW
GetLocaleInfoA
WriteConsoleA
GetOEMCP
SetStdHandle
SetFilePointer
TlsSetValue
GetTimeFormatA
EnumResourceNamesA
VirtualAlloc
GetACP
EnumSystemCodePagesA
HeapSize
GetCPInfo
TlsGetValue
GetDateFormatA
MultiByteToWideChar
GetConsoleOutputCP
IsValidCodePage
RaiseException
occache
FindControlClose
shell32
SHGetDataFromIDListW
SHGetFileInfoW
DragAcceptFiles
SHGetDesktopFolder
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
Shell_NotifyIconW
Sections
.text Size: 92KB - Virtual size: 483KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ