Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_db841c103fcec7a3e45a1c2857e5ebc6.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_db841c103fcec7a3e45a1c2857e5ebc6
Size
191KB
MD5
db841c103fcec7a3e45a1c2857e5ebc6
SHA1
5efae0cad307e966149fac21ee8bd375526fe38b
SHA256
1e1a8648fcc1824877f31835fee9f0950898ace33eec5c19680b9afda1245344
SHA512
6a16551a180c8217ac2f7491a7a4404ee748784d79be1df18d15f1380f6f10f39910ee0338611ccd0f020e48a38898c31da92c932f44eb3ef8a0772d82988bf3
SSDEEP
3072:67R597U/Fh0r2AtnrIuxR/BO6TWfgUu1mPNwaRcXmEwMoOf68e89M2:67R597U/LKtnr7BOFgUpPhcXmEEOU8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_db841c103fcec7a3e45a1c2857e5ebc6
Files
JaffaCakes118_db841c103fcec7a3e45a1c2857e5ebc6.exe windows:4 windows x86 arch:x86
573c119486c9ebd722afa34649bece22
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetOEMCP
MultiByteToWideChar
GetAtomNameW
GetLocaleInfoA
HeapSize
TlsSetValue
GetTimeFormatA
GetDateFormatA
GetACP
GetCPInfo
TlsAlloc
WriteConsoleA
EnumResourceNamesA
GetConsoleOutputCP
SetStdHandle
EnumSystemCodePagesA
HeapReAlloc
TlsGetValue
RtlUnwind
SetFilePointer
IsValidCodePage
RaiseException
occache
FindControlClose
shell32
SHGetDataFromIDListW
ShellExecuteW
SHGetDesktopFolder
SHGetMalloc
SHAppBarMessage
SHGetSpecialFolderLocation
SHBrowseForFolderW
DragAcceptFiles
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteExW
Shell_NotifyIconW
Sections
.text Size: 91KB - Virtual size: 227KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ