Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_596533af4ad3d9ca93f515486bf83572.exe
Resource: win7-20241010-en
General
Target: JaffaCakes118_596533af4ad3d9ca93f515486bf83572
Size: 166KB
MD5: 596533af4ad3d9ca93f515486bf83572
SHA1: 4d6d4d114ee7d8b2732ae420db70a37a44f67e91
SHA256: c1dde5773f0c31665b1b55e67ea5e6a8e5d2572632395d57d9bb9662a1c6545a
SHA512: 2f69568dd915c0d826896e967baf23a2dd8b82d82116950cb38964f375b8f0c5f32c62bc685d76fd076d449fb4d2745814c6c461eaccd1c76b7c321eb01255ae
SSDEEP: 3072:xsKK+KQsgsoEsvwu27lFWc9LF8YApcun3V88evyu2JzTY6gX2aZlg:CiGlrlFf9LF6pcMyvyNXlyi
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: JaffaCakes118_596533af4ad3d9ca93f515486bf83572
Files
JaffaCakes118_596533af4ad3d9ca93f515486bf83572.exe windows:4 windows x86 arch:x86
afc291e31124c413164d8bc291ab7912
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: VirtualAlloc, MultiByteToWideChar, HeapReAlloc, GlobalGetAtomNameW, GetDateFormatA, SetStdHandle, GetACP, RtlUnwind, GetOEMCP, TlsSetValue, EnumResourceTypesW, TlsAlloc, GetTimeFormatA, IsValidCodePage, SetThreadLocale, SetFilePointer, HeapSize, GetLocaleInfoA, WriteConsoleA, GetConsoleOutputCP, GetCPInfo, TlsGetValue, RaiseException
rpcrt4: RpcStringFreeA
user32: DispatchMessageW, LoadStringA, DispatchMessageA, MessageBoxA, PeekMessageA, GetDesktopWindow, CharNextA, wsprintfA
shell32: SHGetDataFromIDListW, DragAcceptFiles, SHGetFileInfoA, SHGetPathFromIDListA, ShellExecuteExA, SHBrowseForFolderA, Shell_NotifyIconA
Sections
.text - Size: 86KB - Virtual size: 85KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 1KB - Virtual size: 1KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 77KB - Virtual size: 472KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 512B - Virtual size: 4KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ