JaffaCakes118_445935e8d4c5f152a7b8ca19d7834a24 | Triage

Sharing

General

Target

JaffaCakes118_445935e8d4c5f152a7b8ca19d7834a24
Size

285KB
MD5

445935e8d4c5f152a7b8ca19d7834a24
SHA1

4b6aa2b403769bfa48ac2852ed9df8c5a56baf04
SHA256

6ad56abd94ebaf4c32e2d3c3558c375e5ed0d5c96b4195817695defd8052ea0a
SHA512

1292afcb09be678cba33e8465bc47b244c84c1a82ce61d0f81b9c5223457596dc27c07e6899788df33b2d970f1fa478f899027216ba2578815ef1d89f34358af
SSDEEP

6144:k2m8z+xMfMCTWxjjRN0ueonKyMohMh0AvzVnVQrSH15i:Y8z+xMfMCixhSchMh3vpnOO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_445935e8d4c5f152a7b8ca19d7834a24

Files

JaffaCakes118_445935e8d4c5f152a7b8ca19d7834a24
.exe windows:4 windows x86 arch:x86

285e80aafd08b6b494bd6d39b542b037

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GlobalGetAtomNameA
SetFilePointer
TlsAlloc
MultiByteToWideChar
HeapSize
VirtualAlloc
GetOEMCP
WriteConsoleA
RtlUnwind
GetACP
IsValidCodePage
SetStdHandle
EnumResourceNamesA
CreateDirectoryExA
TlsGetValue
GetTimeFormatA
GetConsoleOutputCP
GetDateFormatA
GetCPInfo
TlsSetValue
HeapReAlloc
RaiseException

rpcrt4

RpcStringFreeA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
SHBrowseForFolderA
ShellExecuteExA
DragAcceptFiles
SHGetMalloc
Shell_NotifyIconA

user32

DispatchMessageA
MessageBoxA
PeekMessageA
LoadStringA
CharNextA
DispatchMessageW
GetDesktopWindow
wsprintfA

Sections

.text
Size: 136KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ