JaffaCakes118_237723ea5d416b8ddf545caa06709919 | Triage

Sharing

General

Target

JaffaCakes118_237723ea5d416b8ddf545caa06709919
Size

286KB
MD5

237723ea5d416b8ddf545caa06709919
SHA1

15698be5435caffae44a1bf5adc9a0a366216692
SHA256

92f641cf7a9f28706001cf17cc23098849c06e644d741bef48fb34e867730ea8
SHA512

23876c1030657326ba97d194b8eddd5e4e3b30c05747dfb3732ffee933a7fce975536a9d4ba6ba7003acda31cfc49b79733536f9392b41661721066d22ef4814
SSDEEP

6144:iOfkLh4y0CO5i2W5pZYiXRuwkTpDdN/I56wpP3X7+JFy:iOm4y0Zk5pluwsd1I55vL+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_237723ea5d416b8ddf545caa06709919

Files

JaffaCakes118_237723ea5d416b8ddf545caa06709919
.exe windows:4 windows x86 arch:x86

64e33424f924d6b84b9f7c45729e998a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetAtomNameA
GetDateFormatA
SetFilePointer
TlsAlloc
MultiByteToWideChar
GetACP
TlsGetValue
HeapSize
WriteConsoleA
GetTimeFormatA
GetOEMCP
HeapReAlloc
EnumResourceNamesW
RtlUnwind
VirtualAlloc
CreateToolhelp32Snapshot
SetStdHandle
GetCPInfo
GetConsoleOutputCP
GetLocaleInfoA
TlsSetValue
RaiseException

rpcrt4

RpcStringFreeA

user32

DispatchMessageA
GetDesktopWindow
DispatchMessageW
MessageBoxA
LoadStringA
PeekMessageA
CharNextA
wsprintfA

shell32

SHGetUnreadMailCountW
SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteExA
SHBrowseForFolderA
DragAcceptFiles
SHAppBarMessage
Shell_NotifyIconA

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ