Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_4e0adf26bb77e9f3c8e1cc9261d19080.exe
Resource: win7-20241010-en
General
Target: JaffaCakes118_4e0adf26bb77e9f3c8e1cc9261d19080
Size: 295KB
MD5: 4e0adf26bb77e9f3c8e1cc9261d19080
SHA1: 131bf8ff496bcc50a5b740078327ad3ae74c7510
SHA256: 123ae50352cfa0b7be3796444608c139b39c0d080a6aa875be185b10bc671727
SHA512: a0476c27affb5850e11d8718f45a5b487999f343924d9aa3afb92bd0cbda5ae72f09c0cc55b30094063052f3376984e699688a8e6ffde155e7bf265345fc83d0
SSDEEP: 6144:x5MiHi5AZJBEt1ff8BzqxTMHBUs6sFU1EvfxekzsPB0F2RcUrqvhCn3g09OE:x5MiC+Z/Et1fz5iBxFU1E3xkuF2Rm4nw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_4e0adf26bb77e9f3c8e1cc9261d19080
Files
JaffaCakes118_4e0adf26bb77e9f3c8e1cc9261d19080.exe windows:4 windows x86 arch:x86
2d5e4ee2a520e9ebb7d9d4163107736a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsAlloc
GetAtomNameW
GetOEMCP
GetLocaleInfoA
GetCPInfo
IsValidCodePage
GetACP
HeapSize
WriteConsoleA
TlsGetValue
GetConsoleOutputCP
VirtualAlloc
EnumResourceNamesA
GetDateFormatA
MultiByteToWideChar
SetFilePointer
FindResourceA
SetStdHandle
RtlUnwind
TlsSetValue
GetTimeFormatA
HeapReAlloc
RaiseException
occache
FindControlClose
shell32
SHGetDataFromIDListW
ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteExW
DragAcceptFiles
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
Shell_NotifyIconW
Sections
.text Size: 143KB - Virtual size: 266KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ