Sample: JaffaCakes118_7ac3fe0174fde0e9d7cf160feccd7d36.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_7ac3fe0174fde0e9d7cf160feccd7d36
Size: 163KB
MD5: 7ac3fe0174fde0e9d7cf160feccd7d36
SHA1: d8164e8b9785fc64e8f6dab6007420cecf731291
SHA256: 17130b19c4f253fc868435a307feacc17ca163a23f5624243fb627b19ba544a0
SHA512: 6e273ac47b862f8c9de33695010f9755ce48af3d9a8c75234735b60c953acd68ad3de80580cf5fb7fdfa80dafe8f9c122f88ea984feabb24f5d45a37abc0a872
SSDEEP: 3072:Za3Oc7/KTefrrHMqvw7kIKuj1hZWzRj1qKwx5+c2BHj9ivA:ZFc7/AeJvw7XLjdWB19RxHM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_7ac3fe0174fde0e9d7cf160feccd7d36
Files
JaffaCakes118_7ac3fe0174fde0e9d7cf160feccd7d36.exe windows:4 windows x86 arch:x86
d15140437421a6d4bee4a7607db81344
Headers
File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
    SetStdHandle
    VirtualAlloc
    TlsSetValue
    GetAtomNameA
    SetFilePointer
    HeapReAlloc
    GetConsoleOutputCP
    GetCPInfo
    GetLocaleInfoA
    IsValidCodePage
    WriteConsoleA
    TlsAlloc
    EnumResourceTypesA
    GetOEMCP
    HeapSize
    MultiByteToWideChar
    IsProcessorFeaturePresent
    RtlUnwind
    GetACP
    TlsGetValue
    GetDateFormatA
    GetTimeFormatA
    RaiseException
rpcrt4
    RpcStringFreeA
shell32
    SHDefExtractIconA
    ShellExecuteExA
    SHGetFileInfoA
    SHBrowseForFolderA
    SHGetPathFromIDListA
    DragAcceptFiles
    Shell_NotifyIconA
Sections
.text Size: 74KB - Virtual size: 74KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 928B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 86KB - Virtual size: 486KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ