JaffaCakes118_b5e7487f16e273509b6e45575c6f903e | Triage

Sharing

General

Target

JaffaCakes118_b5e7487f16e273509b6e45575c6f903e
Size

270KB
MD5

b5e7487f16e273509b6e45575c6f903e
SHA1

1938f36acfc8bf52b861913d6419b97792d9ad52
SHA256

2a47b1ff0a750b6134a6e4b1cba26a523622582bda25431c1821eb7f53a7dcc3
SHA512

b64948ff0b53b4d6a2b580a39891f1c8b51c8269756948728810077a7bfa7c8a3bb27dab7df994871e6ae1687f8b7d09ccdc262a968478cfe3a7e4622d51e4fd
SSDEEP

6144:EoKr7OzCIW199+E8GrRXvU6Scz71Csm7ZUnZzQyO8XcPE80nj9ZI:M/OWD+SrR/NlCsm7ZNyO8XcAnj9u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b5e7487f16e273509b6e45575c6f903e

Files

JaffaCakes118_b5e7487f16e273509b6e45575c6f903e
.exe windows:4 windows x86 arch:x86

3f9cb57d07fcc6f8bc245537529e9909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GlobalGetAtomNameW
TlsAlloc
SetFilePointer
RtlUnwind
IsValidCodePage
MultiByteToWideChar
HeapSize
TlsSetValue
GetLocaleInfoA
GetDateFormatA
SetStdHandle
EnumResourceTypesW
GetOEMCP
GetConsoleOutputCP
GetCPInfo
HeapReAlloc
SetThreadLocale
GetTimeFormatA
WriteConsoleA
VirtualAlloc
GetACP
RaiseException

shell32

SHGetDataFromIDListW
DragAcceptFiles
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
SHGetFileInfoA
Shell_NotifyIconA

user32

LoadStringA
DispatchMessageW
MessageBoxA
DispatchMessageA
CharNextA
GetDesktopWindow
PeekMessageA
wsprintfA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ