Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_696fafa9022841b1857c58c81c946b39.exe
Resource: win7-20240708-en
General
Target: JaffaCakes118_696fafa9022841b1857c58c81c946b39
Size: 175KB
MD5: 696fafa9022841b1857c58c81c946b39
SHA1: 4b28e0351e24a0f8ddb1870c2890fd66794c19e8
SHA256: 1ccec4722b3e77a8cd6096d056c9729970031435165bd4b9e0dbe2bcd8b2e3ce
SHA512: f0459f40a02a09e2af63ff2844207c74e6633f4a7eef1526ece958b004c716e6d0a5911ccf99d0bbbe7e0572f97cc4f942b55b17986ec0c1c2ba9d85c254d03f
SSDEEP: 3072:FpR0iRWxwF+fA5V6qXbqdqRgPKA4cQdKOQPSvWLYE55g1Xx:FpRJUf2V5bqdqRYK5sOkSDw5gR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_696fafa9022841b1857c58c81c946b39
Files
JaffaCakes118_696fafa9022841b1857c58c81c946b39.exe windows:4 windows x86 arch:x86
4d37858f56b65bd69182fb2c37b5c5c2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
MultiByteToWideChar
GetAtomNameA
GetCPInfo
TlsSetValue
GetOEMCP
WriteConsoleA
SetStdHandle
GetACP
GetTimeFormatA
EnumResourceNamesW
GetDateFormatA
SetFilePointer
TlsGetValue
HeapSize
CreateToolhelp32Snapshot
IsValidCodePage
RtlUnwind
HeapReAlloc
GetLocaleInfoA
GetConsoleOutputCP
TlsAlloc
RaiseException
rpcrt4
RpcStringFreeA
shell32
SHGetUnreadMailCountW
SHGetFileInfoA
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteExA
Shell_NotifyIconA
user32
DispatchMessageW
PeekMessageA
LoadStringA
DispatchMessageA
CharNextA
GetDesktopWindow
MessageBoxA
wsprintfA
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 472KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ