Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_8df4d6a07cad564fcd0c12419a3d4fe3.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_8df4d6a07cad564fcd0c12419a3d4fe3.exe
Resource: win10v2004-20250314-en
General
Target: JaffaCakes118_8df4d6a07cad564fcd0c12419a3d4fe3
Size: 274KB
MD5: 8df4d6a07cad564fcd0c12419a3d4fe3
SHA1: 58b23b3617e0a8098d4ae473c936804f2a40ee71
SHA256: 1ba0a0b4ecd9de570eca00adeb7ccdb8ad3cf0dd1eb5d650248b6c393ab9bf6e
SHA512: 3134f67ab259f28dc2d997ead6116e6419fab0bc8144d835f5108a27147d5dd39b4b219d7262c3af4fbf017d678a5d9cba3b6efeadcedd17ab0bdca2891ac955
SSDEEP: 6144:U0VYr9HD2jhgdC50ZuqUBeHu9G0SKS3IeuMUN9:U0iZsitpcGtKS3yMUN9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_8df4d6a07cad564fcd0c12419a3d4fe3
Files
JaffaCakes118_8df4d6a07cad564fcd0c12419a3d4fe3.exe windows:4 windows x86 arch:x86
efd9b17b4c6711d52a4f45b0b827d576
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
MultiByteToWideChar
GetDateFormatA
TlsAlloc
HeapSize
IsValidCodePage
GetACP
GetLocaleInfoA
SetFilePointer
RtlUnwind
SetStdHandle
TlsGetValue
GetOEMCP
EnumResourceNamesA
VirtualAlloc
GetCPInfo
GetTimeFormatA
CreateHardLinkA
TlsSetValue
GetConsoleOutputCP
HeapReAlloc
WriteConsoleA
RaiseException
shell32
SHGetFolderLocation
SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteExW
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc
SHAppBarMessage
SHGetPathFromIDListW
DragAcceptFiles
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 129KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ