JaffaCakes118_4a1680c6aa24f5dc0e4547a05503f041 | Triage

Sharing

General

Target

JaffaCakes118_4a1680c6aa24f5dc0e4547a05503f041
Size

285KB
MD5

4a1680c6aa24f5dc0e4547a05503f041
SHA1

37b4738cb4a436fe80d821d128da5ed77fb568bd
SHA256

760fc7d07f405516296d896908f6b7a99c5dd62ae2e5edba3dff91f146b4599c
SHA512

ba971694f42612d4366665fb55c033207c2fefa61b0410d04dfa3cd848de6bc6c4a4d65727e37c5073f6abf7f07fd358de0ff14c9c6218c357888e5134b52f7e
SSDEEP

6144:sKuyRacZZQzliDoUh58+ZungB5eHbyPmUL0RKkom2EtFhMMYAR48HQ:sKuYbioDlz8+ZUiY+PoRKkomh2xWz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4a1680c6aa24f5dc0e4547a05503f041

Files

JaffaCakes118_4a1680c6aa24f5dc0e4547a05503f041
.exe windows:4 windows x86 arch:x86

efe7bf09ba95778d417b05d10c989693

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
SetFilePointer
VirtualAlloc
GlobalGetAtomNameA
GetTimeFormatA
MultiByteToWideChar
IsValidCodePage
SetStdHandle
GetLocaleInfoA
TlsSetValue
EnumResourceTypesW
WriteConsoleA
GetDateFormatA
GetOEMCP
GetACP
TlsGetValue
HeapSize
GetUserGeoID
TlsAlloc
GetCPInfo
GetConsoleOutputCP
HeapReAlloc
RaiseException

shell32

SHGetUnreadMailCountW
SHGetPathFromIDListA
SHAppBarMessage
DragAcceptFiles
ShellExecuteExA
SHBrowseForFolderA
SHGetFileInfoA
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

user32

CharNextA
DispatchMessageA
MessageBoxA
LoadStringA
GetDesktopWindow
DispatchMessageW
PeekMessageA
wsprintfA

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ