Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_0094471bded79d68dc7b77ca2712b792.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_0094471bded79d68dc7b77ca2712b792
Size
186KB
MD5
0094471bded79d68dc7b77ca2712b792
SHA1
69315470baed5e311e37549d438d0ec0faa1734c
SHA256
b9b13ac08d0f2dc423cfad5e45200949a125a8c40684b9d086323b66e8511a14
SHA512
eb6a397115e8e7d456f994d7bbeda203ae9a12b40d701e102e66b5b1f503f040fa77ca7ef0072685e5d74cf1f6ed00e3184f048864ac29521d89d735a23d7eed
SSDEEP
3072:g9ISA4BrscQPdzJ3UmvqpIBksvm9RzFmjGRDhWbut2Moa1z2RD5Af6KasfKEdUDT:gySH2DdumvEwksvCRRm69O+281iRN86r
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_0094471bded79d68dc7b77ca2712b792
Files
JaffaCakes118_0094471bded79d68dc7b77ca2712b792.exe windows:4 windows x86 arch:x86
682b525d1430acb82b94246fde55c5ad
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
GetDateFormatA
GetLocaleInfoA
IsValidCodePage
GetCPInfo
GetOEMCP
VirtualAlloc
HeapReAlloc
RtlUnwind
SetFilePointer
TlsSetValue
TlsGetValue
EnumResourceNamesA
GetConsoleOutputCP
CreateDirectoryExA
WriteConsoleA
GetTimeFormatA
HeapSize
MultiByteToWideChar
SetStdHandle
TlsAlloc
GetACP
RaiseException
shell32
SHGetFolderLocation
SHGetDesktopFolder
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
DragAcceptFiles
SHGetFileInfoA
Shell_NotifyIconA
user32
LoadStringA
DispatchMessageW
DispatchMessageA
MessageBoxA
PeekMessageA
GetDesktopWindow
CharNextA
wsprintfA
rpcrt4
RpcStringFreeA
Sections
.text Size: 90KB - Virtual size: 229KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ