JaffaCakes118_764e6ac82c655b99e1e1a65509aaa5d8 | Triage

Sharing

General

Target

JaffaCakes118_764e6ac82c655b99e1e1a65509aaa5d8
Size

283KB
MD5

764e6ac82c655b99e1e1a65509aaa5d8
SHA1

cb9e9b8f0e3838b8d2a03667824543258c6022f1
SHA256

46bae6af43a38569c5df3e5b9af31ff1d81f65618af3582a72972f3e781c0012
SHA512

f657903cb244916e6445c2e7132177ef2b49820cfa46821cd0642aad811528654a60d2c124c1a458dfcf20520789ec99f9ff9fc3695bb5225f424c77c3fec9dd
SSDEEP

6144:hM/p8WlpgPns4repj7KPWJhk0xIuJl/jNQw8rCPF0gF:hfmgE4rexOPWvEuJBjmw8rqF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_764e6ac82c655b99e1e1a65509aaa5d8

Files

JaffaCakes118_764e6ac82c655b99e1e1a65509aaa5d8
.exe windows:4 windows x86 arch:x86

fb5cfe7d6c94cabea39b1faf9f0b259d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetCPInfo
SetFilePointer
GetLocaleInfoA
GetTimeFormatA
GetConsoleOutputCP
GetDateFormatA
RtlUnwind
TlsAlloc
TlsGetValue
EnumResourceNamesW
GetACP
MultiByteToWideChar
HeapReAlloc
TlsSetValue
CreateSemaphoreW
WriteConsoleA
IsValidCodePage
HeapSize
GetOEMCP
SetStdHandle
VirtualAlloc
RaiseException

shell32

SHGetSpecialFolderLocation
DragAcceptFiles
ShellExecuteExA
SHGetFileInfoA
SHAppBarMessage
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

user32

DispatchMessageW
MessageBoxA
PeekMessageA
LoadStringA
GetDesktopWindow
CharNextA
DispatchMessageA
wsprintfA

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ