Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_69ceb7f4c6e602400dc93637ae94a4b1.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_69ceb7f4c6e602400dc93637ae94a4b1
Size: 177KB
MD5: 69ceb7f4c6e602400dc93637ae94a4b1
SHA1: 333c45c68307eff607cd802d6558775b0f9845a8
SHA256: 1b9973292a4f821f661853620f588e74c12c7b0f5d5e2cc98dd9c4051762a874
SHA512: 3cbab37b9531b036b800e206b518497603db392d807c11c434d8222e2daf7c156c14ca1212e9b45f3a50a367ed961ee3de6f59e3cc00da03c812cc97a4dfd594
SSDEEP: 3072:o3RXLWmMt9ZeJJCErPUezCBjUZWiRzH2+zvt5iqVIENYhsZYbTaCewNZhumXqaHX:8dWHHaJrs8CBj+WiR2+Lv5VVNQsZYb8E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_69ceb7f4c6e602400dc93637ae94a4b1
Files
JaffaCakes118_69ceb7f4c6e602400dc93637ae94a4b1.exe windows:4 windows x86 arch:x86
5580d7abc55474a7fe1a99279d9ac361
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetAtomNameW
VirtualAlloc
SetStdHandle
TlsGetValue
WriteConsoleA
GetConsoleOutputCP
GetACP
GetDateFormatA
IsValidCodePage
GetTimeFormatA
EnumResourceNamesA
MultiByteToWideChar
TlsAlloc
GetLocaleInfoA
HeapReAlloc
GetOEMCP
FindResourceA
GetCPInfo
HeapSize
TlsSetValue
SetFilePointer
RaiseException
occache
FindControlClose
shell32
SHGetDataFromIDListW
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
DragAcceptFiles
ShellExecuteExW
SHBrowseForFolderW
Shell_NotifyIconW
Sections
.text Size: 90KB - Virtual size: 477KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ