JaffaCakes118_df9a19dbd662b321e368980b7ae29201 | Triage

Sharing

General

Target

JaffaCakes118_df9a19dbd662b321e368980b7ae29201
Size

384KB
MD5

df9a19dbd662b321e368980b7ae29201
SHA1

740225eea440fb063623b0c4ba4a4ba0577b0376
SHA256

22d833fa171f599c5ccf1e7b79567d1d2afc6154916c5fc36b190e2cd99c1664
SHA512

3c58f0936d40272c78bd802c8f4a3e107ce5704d1d12e5da623a043f6806f9f2d973c674b17630fdb9b8070a195920fce3abdcadc43f71ac3de41acd8a3ec82d
SSDEEP

6144:uhiMSxXhgodPKU4hq+WWL0zUnry/sCZkYOpee6NdRhtH2xtvTY:uhiMSF3dP5gUYLhpU30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_df9a19dbd662b321e368980b7ae29201

Files

JaffaCakes118_df9a19dbd662b321e368980b7ae29201
.exe windows:4 windows x86 arch:x86

5d8c1244a79916ed68638f29855e1573

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GlobalGetAtomNameA
HeapReAlloc
RtlUnwind
HeapSize
GetACP
SetStdHandle
GetOEMCP
TlsAlloc
GetTimeFormatA
TlsSetValue
WriteConsoleA
GetCPInfo
EnumResourceNamesA
MultiByteToWideChar
VirtualAlloc
CreateDirectoryExA
SetFilePointer
IsValidCodePage
TlsGetValue
GetConsoleOutputCP
GetLocaleInfoA
RaiseException

rpcrt4

RpcStringFreeA

user32

DispatchMessageA
DispatchMessageW
MessageBoxA
LoadStringA
GetDesktopWindow
CharNextA
PeekMessageA
wsprintfA

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetMalloc
ShellExecuteA
SHGetDesktopFolder
DragAcceptFiles
SHGetPathFromIDListA
SHAppBarMessage
SHGetFileInfoA
SHBrowseForFolderA
Shell_NotifyIconA

Sections

.text
Size: 136KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ