Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_723a3f6cf905602f9a3a18a21f67e6ea.exe
Resource: win7-20241023-en
General
Target: JaffaCakes118_723a3f6cf905602f9a3a18a21f67e6ea
Size: 164KB
MD5: 723a3f6cf905602f9a3a18a21f67e6ea
SHA1: 66483f1d55d28272e8c9fb46026a9915cd44e766
SHA256: c3cfba31dca1199fb0b2c5a3c8322335c7e3370dcc112298981509dc6ae17def
SHA512: 8382bfdb6e7a31f1e6fecd0a6ae82395c604d329240110b8b22265127f3871f80f688954191be1959f968a2de4d73e7adec08e661c1c30a6098c23b70cd61553
SSDEEP: 3072:x6NrWISWp5i31KlZLQh89owVMUNPUsB6hYx6gXvKsCjQ+GjszNM:vWp5kqjrRNc5evKsCjN5N
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_723a3f6cf905602f9a3a18a21f67e6ea
Files
JaffaCakes118_723a3f6cf905602f9a3a18a21f67e6ea.exe windows:4 windows x86 arch:x86
b63ffe609ba7aab493f570d76192493d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoA
GlobalGetAtomNameA
TlsSetValue
SetFilePointer
GetConsoleOutputCP
RtlUnwind
GetACP
IsValidCodePage
TlsGetValue
HeapSize
GetOEMCP
HeapReAlloc
SetStdHandle
EnumResourceTypesA
IsSystemResumeAutomatic
GetTimeFormatA
GetCPInfo
TlsAlloc
MultiByteToWideChar
WriteConsoleA
GetDateFormatA
VirtualAlloc
RaiseException
version
GetFileVersionInfoA
shell32
SHDefExtractIconA
SHGetPathFromIDListA
DragAcceptFiles
ShellExecuteExA
SHBrowseForFolderA
SHGetFileInfoA
Shell_NotifyIconA
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ