Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_561bcf19d75874021b13e56e58071f26.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_561bcf19d75874021b13e56e58071f26
Size: 283KB
MD5: 561bcf19d75874021b13e56e58071f26
SHA1: 37656c0c2de3d1688ca572004f36cd4f0268c321
SHA256: 2849a88cb4abfa16c08faa60dd7dd86c004aa325aa71a20f7606a7f88f94c3ec
SHA512: fc0dd95af931efbe16a001539107907450480782ed78974cf02d48b64dcd501ff33b323c519defba8846b5636cbcc2d72f19171ccbe22be1514030c18d011e2c
SSDEEP: 6144:uFeBlDB5jsbJFlhWgFEYCcG6afRuHngSKZgMZvsihf4:uFeBRDjsbJDpFE96GkjKZPbg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_561bcf19d75874021b13e56e58071f26
Files
JaffaCakes118_561bcf19d75874021b13e56e58071f26.exe windows:4 windows x86 arch:x86
ecb6158e07a52c576bd51a5a8ce1d877
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
GetConsoleOutputCP
GetTimeFormatA
MultiByteToWideChar
IsValidCodePage
GetLocaleInfoA
HeapReAlloc
SetStdHandle
HeapSize
VirtualAlloc
TlsSetValue
GetACP
EnumResourceNamesA
TlsAlloc
SetFilePointer
CreateHardLinkA
RtlUnwind
TlsGetValue
GetDateFormatA
GetCPInfo
WriteConsoleA
GetOEMCP
RaiseException
occache
FindControlClose
shell32
SHGetFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListA
DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
SHGetMalloc
SHGetFileInfoA
ShellExecuteA
SHBrowseForFolderA
Shell_NotifyIconA
Sections
.text Size: 130KB - Virtual size: 261KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ