Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_0073617452e565600638d5fd0eacbc06.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: JaffaCakes118_0073617452e565600638d5fd0eacbc06.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_0073617452e565600638d5fd0eacbc06
Size: 177KB
MD5: 0073617452e565600638d5fd0eacbc06
SHA1: 6a424cf725b8f11f9fa06d25ab751f92aa877387
SHA256: 2dd62314387ddb349ef02b420be993317d930f4b6a3d75b05eda95aa79b976ac
SHA512: ff811c74974adf0c02019e0ebd100054e67425be862d03e2cb0e38cd2934da2478dfdbd949c943943bf98b34ebe5b0ee13bb0a78fdb29c86798a185713046477
SSDEEP: 3072:foWxa8ej/V1f6O7rX4HhAZ8VSuTitInIpuLwkAjanQ++/tr9AXlNzE/EIQ:foWQ7/VR6OgHOC0gI+R2L++1YlNo/Er
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
resource: JaffaCakes118_0073617452e565600638d5fd0eacbc06
Files
JaffaCakes118_0073617452e565600638d5fd0eacbc06.exe windows:4 windows x86 arch:x86
66bb67636187fa774d3e6958eb027d2c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleA
SetStdHandle
GlobalGetAtomNameW
VirtualAlloc
GetTimeFormatA
GetDateFormatA
SetFilePointer
GetACP
TlsGetValue
GetCPInfo
RtlUnwind
EnumResourceNamesA
TlsAlloc
GetLocaleInfoA
GetModuleHandleA
GetConsoleOutputCP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
TlsSetValue
HeapSize
HeapReAlloc
RaiseException
occache
FindControlClose
shell32
SHCreateStdEnumFmtEtc
SHGetDesktopFolder
ShellExecuteW
SHGetPathFromIDListW
SHAppBarMessage
ShellExecuteExW
SHGetMalloc
SHGetFileInfoW
DragAcceptFiles
SHGetSpecialFolderLocation
SHBrowseForFolderW
Shell_NotifyIconW
Sections
.text Size: 89KB - Virtual size: 477KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ