Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_d2412cf9ff427ad8151ed1314599c98d.exe
Resource
win7-20241023-en
General
Target
JaffaCakes118_d2412cf9ff427ad8151ed1314599c98d
Size
186KB
MD5
d2412cf9ff427ad8151ed1314599c98d
SHA1
a8e69ce0ba4b581c4aa9f5475844150477a4bc86
SHA256
1959401c788dd3a3c0061173aa63d7262fd3a2409ed5a86fa7d972f22588403f
SHA512
c383a7862bad53ce3c2d42f83fa33ad24085fd86b2f0b82b73f596ceeedafd4579d45f59c1300b3a8a1600a2746eb11791167c6c7f8932183cbf0e73b2290f19
SSDEEP
3072:aANX8pbFYckGkuG8dNF1uUiuBkwC8NYJjjZI+2+wQ/O7jyHGxRCTis01Luf:aAG5DF1uUvqwO2VFQGKtr01L
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource JaffaCakes118_d2412cf9ff427ad8151ed1314599c98d
Files
JaffaCakes118_d2412cf9ff427ad8151ed1314599c98d.exe windows:4 windows x86 arch:x86
82dfc8e73dbb5f629b0e5476bace53c0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
TlsSetValue
SetFilePointer
GlobalGetAtomNameA
WriteConsoleA
IsValidCodePage
GetLocaleInfoA
GetDateFormatA
RtlUnwind
HeapSize
HeapReAlloc
EnumResourceNamesW
SetStdHandle
GetOEMCP
TlsAlloc
CreateSemaphoreW
GetCPInfo
GetConsoleOutputCP
VirtualAlloc
GetACP
TlsGetValue
GetTimeFormatA
RaiseException
rpcrt4
RpcStringFreeA
user32
LoadStringA
MessageBoxA
GetDesktopWindow
CharNextA
DispatchMessageA
PeekMessageA
DispatchMessageW
wsprintfA
shell32
SHGetSpecialFolderLocation
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
SHAppBarMessage
DragAcceptFiles
Shell_NotifyIconA
Sections
.text Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ