Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_049c932164119d15d334e2e5971c1ddd.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_049c932164119d15d334e2e5971c1ddd
Size
187KB
MD5
049c932164119d15d334e2e5971c1ddd
SHA1
95c44294dd9e23e9fa959bba7219fb48b30187dc
SHA256
7cc06ec8608bc2fe75ac8e28848c58f9bdebdea137b4ad9cf7d542a0b6cf6dd0
SHA512
44297324d073bea30b0d1ce85a1e6336f66e1e50b460089c7c5d9cc1353b1c0fdc13e7d041fa2ce3cad4006f31e109249d341795657417dca90286d360102545
SSDEEP
3072:nYDeKz7TwAIzu3g/BiXImLU293owd/deTDCKtVI2I1WiApyMXsHyrZ0MgnNwmX5W:nYDeKz7sySB2ImL/roDCKtmUiApZXsHy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_049c932164119d15d334e2e5971c1ddd
Files
JaffaCakes118_049c932164119d15d334e2e5971c1ddd.exe windows:4 windows x86 arch:x86
b03aa9c14c36066a2054cb79d086f4af
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsGetValue
GlobalGetAtomNameA
VirtualAlloc
SetStdHandle
IsValidCodePage
GetCPInfo
TlsSetValue
SetFilePointer
TlsAlloc
HeapSize
GetLocaleInfoA
EnumResourceNamesA
GetConsoleOutputCP
GetOEMCP
CreateDirectoryExA
HeapReAlloc
WriteConsoleA
RtlUnwind
MultiByteToWideChar
GetACP
GetTimeFormatA
GetDateFormatA
RaiseException
user32
CharNextA
DispatchMessageA
GetDesktopWindow
DispatchMessageW
MessageBoxA
PeekMessageA
LoadStringA
wsprintfA
rpcrt4
RpcStringFreeA
shell32
SHGetFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
SHGetSpecialFolderLocation
DragAcceptFiles
SHGetMalloc
ShellExecuteA
SHBrowseForFolderA
ShellExecuteExA
SHAppBarMessage
SHGetPathFromIDListA
Shell_NotifyIconA
Sections
.text Size: 90KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ