Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_4c278d66b47d9197115424721afe7994.exe
Resource
win7-20241010-en
General
Target
JaffaCakes118_4c278d66b47d9197115424721afe7994
Size
188KB
MD5
4c278d66b47d9197115424721afe7994
SHA1
fddb144bac6a3b29115bd8db84473b4418d65fa2
SHA256
9d00ba1cd833f56e0bdd585ebfeabf89636de6087b1d93596abea6a9cc24f606
SHA512
447076bc2f4405f64f9f4968efc34e0203b4d2142b51b2a07b788e000ebf9f6379a86001157e63a4fb8e44a8e5ffbab164cacc68b0fb64293e014647e44731e0
SSDEEP
3072:qsZYLfA5WqAx6cXFSjTXnkH8rZhNT+ohPCXa3hLVxBhsS7d/i5LVK3100oPHNV0e:q5fA9Ax6+FS3nkHad+WVBugda5Lg31lw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_4c278d66b47d9197115424721afe7994
Files
JaffaCakes118_4c278d66b47d9197115424721afe7994.exe windows:4 windows x86 arch:x86
fdd54364b22888372ec43836ea2cff27
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GlobalGetAtomNameA
WriteConsoleA
HeapSize
IsValidCodePage
GetACP
GetTimeFormatA
GetCPInfo
GetDateFormatA
VirtualAlloc
SetStdHandle
TlsGetValue
SetFilePointer
EnumResourceTypesW
RtlUnwind
TlsSetValue
GetOEMCP
GetUserGeoID
HeapReAlloc
TlsAlloc
GetConsoleOutputCP
GetLocaleInfoA
RaiseException
user32
DispatchMessageA
PeekMessageA
CharNextA
GetDesktopWindow
DispatchMessageW
LoadStringA
MessageBoxA
wsprintfA
shell32
SHGetUnreadMailCountW
SHGetFileInfoA
DragAcceptFiles
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
SHAppBarMessage
Shell_NotifyIconA
rpcrt4
RpcStringFreeA
Sections
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 87KB - Virtual size: 223KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ