Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_3862cefe93343f4e78a81f01fdf3acd2.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_3862cefe93343f4e78a81f01fdf3acd2.exe
Resource
win10v2004-20241007-en
General
Target
JaffaCakes118_3862cefe93343f4e78a81f01fdf3acd2
Size
272KB
MD5
3862cefe93343f4e78a81f01fdf3acd2
SHA1
f17bd83180dfd616cb8ee3990c5998465c13adfc
SHA256
07c086a81e8d89e50afd21f5690a1322b17c1517cfaf2ab68705c40ee8530def
SHA512
61a8863ef8d83a9b53a29980219b122636b9fea511490f3daca687f66b2eb16987c1bb69dc464cf8e38fdd89aca5d0a00ebcc56c11e314bc6f36a854e7422c9d
SSDEEP
6144:IOuxnZzEyIbBDpVI5EDXNCeg1rrOPayaB3HfoVrn/EVpo+/qj:IOu3z2VqEDXNCegkxal/on/IGiqj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_3862cefe93343f4e78a81f01fdf3acd2
Files
JaffaCakes118_3862cefe93343f4e78a81f01fdf3acd2.exe windows:4 windows x86 arch:x86
a338a512c1bfd287519863b882b06cdb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetDateFormatA
GetCPInfo
GlobalGetAtomNameA
HeapSize
SetFilePointer
VirtualAlloc
GetConsoleOutputCP
GetACP
GetLocaleInfoA
HeapReAlloc
EnumResourceTypesA
TlsAlloc
SetStdHandle
IsValidCodePage
IsSystemResumeAutomatic
GetOEMCP
TlsSetValue
MultiByteToWideChar
TlsGetValue
GetTimeFormatA
WriteConsoleA
RaiseException
shell32
SHDefExtractIconA
ShellExecuteExA
DragAcceptFiles
SHGetPathFromIDListA
SHGetFileInfoA
SHBrowseForFolderA
Shell_NotifyIconA
version
GetFileVersionInfoA
Sections
.text Size: 127KB - Virtual size: 127KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 932B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 142KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ