Static task
static1
Behavioral task
behavioral1
Sample: JaffaCakes118_69436a95d9e12c6c5b67c51bce071539.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_69436a95d9e12c6c5b67c51bce071539
Size: 172KB
MD5: 69436a95d9e12c6c5b67c51bce071539
SHA1: ae183cad978d41b2423c8a66ca95895295d7d837
SHA256: 4a48287a6119abd0bc3cd681a10a1a59caae84a07d41741b1b40540310472754
SHA512: d13caf3011695efa075763e842ff004649c3c151dd888385630bd2448c730a7dc3ffb97c6a32ae8b13a773f2eec52bd91be212dbaf136baaae2db39408c77134
SSDEEP: 3072:O5j5iPxhLT3lemGR8HtQ5Av6yEBVQi547aZfnvtTH6oXSXJzhUdWRC9BXGQXeLni:O7iPxhLT1HGee7VQi5VvVzohhUdwC9xd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_69436a95d9e12c6c5b67c51bce071539
Files
JaffaCakes118_69436a95d9e12c6c5b67c51bce071539.exe windows:4 windows x86 arch:x86
394513eb658f1c6d0249d270b1c7526d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
GetCPInfo
VirtualAlloc
GetACP
HeapReAlloc
TlsGetValue
SetFilePointer
GetLocaleInfoA
RtlUnwind
GetOEMCP
EnumResourceNamesW
TlsSetValue
GetConsoleOutputCP
SetStdHandle
GetDateFormatA
CreateToolhelp32Snapshot
GetTimeFormatA
IsValidCodePage
HeapSize
TlsAlloc
MultiByteToWideChar
WriteConsoleA
RaiseException
shell32
SHGetUnreadMailCountW
SHAppBarMessage
ShellExecuteExA
DragAcceptFiles
SHGetPathFromIDListA
SHGetFileInfoA
SHBrowseForFolderA
Shell_NotifyIconA
rpcrt4
RpcStringFreeA
user32
CharNextA
MessageBoxA
GetDesktopWindow
LoadStringA
DispatchMessageA
DispatchMessageW
PeekMessageA
wsprintfA
Sections
.text Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 470KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ