Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_6208fcb3770c2757f15c796fab390fff.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_6208fcb3770c2757f15c796fab390fff
Size: 186KB
MD5: 6208fcb3770c2757f15c796fab390fff
SHA1: 60804cd67043142fe55dfc084a435422d2e89531
SHA256: 284924073f5af263a4c912c08509d4dfcf57212d86523d67fbd6c8af84c62e89
SHA512: dafaa4aaaf6abb6cd5a2281d5c8d51957cf622ef91e8c057754f9d7e017af82dbebeea6cd99201f19f05a4207b1fd6437b7e06f5ed9aaa322dc9242424c04e31
SSDEEP: 3072:e6QEOCDJD/sESf5SnjMHvgfGZ0BTC4RF9PSjy86tGdiVqFN8vyXjI0O0Z7Q4sOsq:JdOUD1DMgk4RFqT60duqFNyiI7AM4HGP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6208fcb3770c2757f15c796fab390fff
Files
JaffaCakes118_6208fcb3770c2757f15c796fab390fff.exe windows:4 windows x86 arch:x86
db13fdfea8ff438cbe4558dc236a61db
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFilePointer
GetOEMCP
GlobalGetAtomNameA
HeapReAlloc
SetStdHandle
TlsSetValue
GetLocaleInfoA
GetConsoleOutputCP
GetACP
WriteConsoleA
TlsAlloc
MultiByteToWideChar
EnumResourceNamesW
IsValidCodePage
GetDateFormatA
WideCharToMultiByte
RtlUnwind
GetTimeFormatA
GetCPInfo
VirtualAlloc
TlsGetValue
HeapSize
RaiseException
rpcrt4
RpcStringFreeA
user32
LoadStringA
GetDesktopWindow
CharNextA
DispatchMessageW
PeekMessageA
DispatchMessageA
MessageBoxA
wsprintfA
shell32
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExA
DragAcceptFiles
SHAppBarMessage
Shell_NotifyIconA
Sections
.text Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ