Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_771873432a46048391d86de0cf6e6ebb.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_771873432a46048391d86de0cf6e6ebb
Size: 178KB
MD5: 771873432a46048391d86de0cf6e6ebb
SHA1: 5a07c7e3345210329d4d0cc17a6e1d86585b121d
SHA256: 63130c80578b44d6ba0c7f7c13cfb4e893967a81608d0ec8993dfe6020f268c3
SHA512: 30ee54e452069c52253d92360a5cd94fb33747319f7263de4d3383477601b47ccc41a7038162a104763238b663f0a50ee76f9cd0ddc0d384b558a945af6dabd8
SSDEEP: 3072:/L/wyNqKMLufKePcPRD5kFR+rUr1YdDrgXvftX48yr2goxiX:/L/wfLufDwIR6d/gXHtXJm5R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_771873432a46048391d86de0cf6e6ebb
Files
JaffaCakes118_771873432a46048391d86de0cf6e6ebb.exe windows:4 windows x86 arch:x86
847cb551d6cab2a2d10f07d6e22a7c16
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsGetValue
WriteConsoleA
HeapSize
GlobalGetAtomNameA
IsValidCodePage
GetDateFormatA
GetACP
HeapReAlloc
GetCPInfo
VirtualAlloc
TlsSetValue
GetLocaleInfoA
GetOEMCP
EnumResourceTypesA
IsSystemResumeAutomatic
GetConsoleOutputCP
RtlUnwind
TlsAlloc
SetStdHandle
MultiByteToWideChar
SetFilePointer
GetTimeFormatA
RaiseException
shell32
SHDefExtractIconA
SHGetFileInfoA
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
DragAcceptFiles
Shell_NotifyIconA
version
GetFileVersionInfoA
Sections
.text Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 932B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 97KB - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ