Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_4a2382be6137670d049e1832d46270ce.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_4a2382be6137670d049e1832d46270ce
Size: 164KB
MD5: 4a2382be6137670d049e1832d46270ce
SHA1: 3d9d2e8d8fe8c3e34e3cddb30041f23accc51957
SHA256: 2a4f139ae32411cde4e425548e11e4a46776d293e20d00419294d1c01b99660e
SHA512: 84b34fd76511889b218762fce24f62c6e889f48847c43098482dcb13bf47e26db89eaf1f6b82620d74fbcc9073ca813582e6d77ce8d3f12986ef09754996388e
SSDEEP: 3072:3EGqYpw1b88tkrBTdCi387r4msKitgYCh+LuBwwolI56:3y1w8tQCGCr4m7H+DI5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_4a2382be6137670d049e1832d46270ce
Files
JaffaCakes118_4a2382be6137670d049e1832d46270ce.exe windows:4 windows x86 arch:x86
c605a5965c36311ba91d9f3012f970b6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
IsValidCodePage
WriteConsoleA
GlobalGetAtomNameA
GetConsoleOutputCP
SetStdHandle
TlsGetValue
TlsAlloc
GetTimeFormatA
GetCPInfo
EnumResourceTypesA
TlsSetValue
GetDateFormatA
SetFilePointer
GetACP
VirtualAlloc
IsSystemResumeAutomatic
MultiByteToWideChar
HeapSize
HeapReAlloc
GetLocaleInfoA
GetOEMCP
RaiseException
version
GetFileVersionInfoA
shell32
SHDefExtractIconA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExA
Shell_NotifyIconA
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 932B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 485KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ