Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_cea3e030efaed1b6d54e1cf0b57931ea.exe
Resource
win7-20241010-en
General
Target: JaffaCakes118_cea3e030efaed1b6d54e1cf0b57931ea
Size: 274KB
MD5: cea3e030efaed1b6d54e1cf0b57931ea
SHA1: 0d9cd422db4416f0fc61ebb0b66d5fd1f1e2da79
SHA256: 1f69f03c3140abe655beadd66c7ab10e6942c59b5d2694b3cb45b2d92552965e
SHA512: 5d916beca9740afcb00f9606ea43ea6a58ccb8b648619f1c97e0513c1df2a11e814b3ed64066bcfd4f1addba6e5135c5871506d4c89dff54205ef2fb18881c20
SSDEEP: 6144:UrrER7U0iPRouMcsWvkNh0p646nDbA/3UwTxc1KAmOkg:F7UHiPNy84KbA/kwTxc1N+
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource JaffaCakes118_cea3e030efaed1b6d54e1cf0b57931ea
Files
JaffaCakes118_cea3e030efaed1b6d54e1cf0b57931ea.exe windows:4 windows x86 arch:x86
6e2f0ccef909098477b0c990f685cc92
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
GetOEMCP
MultiByteToWideChar
GetDateFormatA
WriteConsoleA
SetStdHandle
GetLocaleInfoA
IsValidCodePage
RtlUnwind
TlsGetValue
GetConsoleOutputCP
SetFilePointer
EnumResourceTypesA
HeapSize
HeapReAlloc
IsSystemResumeAutomatic
GetCPInfo
GetTimeFormatA
TlsAlloc
TlsSetValue
VirtualAlloc
GetACP
RaiseException
version
GetFileVersionInfoA
shell32
SHDefExtractIconA
ShellExecuteExA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
Shell_NotifyIconA
Sections
.text Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 932B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 264KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ