Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_0d389451b8131f9b71957e36b2aefd81.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_0d389451b8131f9b71957e36b2aefd81.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_0d389451b8131f9b71957e36b2aefd81
Size
289KB
MD5
0d389451b8131f9b71957e36b2aefd81
SHA1
2f0e86436f4a4d4528ace55bd3822e37733a61c8
SHA256
c228bfd2a677921814a5a8855972653ab6f3f04db4e5076adebecc730e0b1791
SHA512
7c41e80ea479f1a55109acb3d36361b5c9c7d1c781144a90d6e7f5a2f92c0dc97690a5165d350ddc685f53ef06b3eb07c15055e1f70a1b90c303b75f06064417
SSDEEP
6144:Bg9Nn4CrjPdEpYEw8A5zoyi0OLB2dqSsm1C64HBBPU:Bg9eurdEpYEwvlOB2dqSlM60BB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_0d389451b8131f9b71957e36b2aefd81
Files
JaffaCakes118_0d389451b8131f9b71957e36b2aefd81.exe windows:4 windows x86 arch:x86
c5635e61e70cf0e158289ee129d613c5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
GetACP
HeapSize
TlsSetValue
MultiByteToWideChar
GetCPInfo
GetOEMCP
RtlUnwind
GetLocaleInfoA
WriteConsoleA
EnumResourceNamesW
IsValidCodePage
VirtualAlloc
SetFilePointer
GetConsoleOutputCP
CreateToolhelp32Snapshot
GetTimeFormatA
HeapReAlloc
TlsAlloc
SetStdHandle
TlsGetValue
GetDateFormatA
RaiseException
shell32
SHGetUnreadMailCountW
SHAppBarMessage
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExA
Shell_NotifyIconA
user32
MessageBoxA
GetDesktopWindow
DispatchMessageW
LoadStringA
PeekMessageA
DispatchMessageA
CharNextA
wsprintfA
rpcrt4
RpcStringFreeA
Sections
.text Size: 152KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 133KB - Virtual size: 253KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ