JaffaCakes118_94caf308a97bbad2651559e259f16947 | Triage

Sharing

General

Target

JaffaCakes118_94caf308a97bbad2651559e259f16947
Size

177KB
MD5

94caf308a97bbad2651559e259f16947
SHA1

e6de5e3f9254a7d8c3c20c5bb0132afd4d6c3a50
SHA256

2917ed24233aa8367a436a01c0e55c949b63f406c534e0c2ec0e27927f2c855f
SHA512

49811a6deabe5e67c0806a08077e9a700257ea2bb36d9fab4bea9b8c67787003dbe7590ea9a239ecc74e10f397bbb87a8f7545a720b62ff192c2aba35872bf96
SSDEEP

3072:qooe1b2we2OXlerZ9nJmxQyWRH2QUgPKTU2qz:qDe1ywfq0/qQyWYQ5Kw2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_94caf308a97bbad2651559e259f16947

Files

JaffaCakes118_94caf308a97bbad2651559e259f16947
.exe windows:4 windows x86 arch:x86

05e0550eff42ec7d169fdb2f8be61496

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrComplexArrayFree
UuidCreate

shlwapi

PathCombineW
SHGetValueW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

shell32

Shell_NotifyIconA

winmm

timeEndPeriod

kernel32

FlushInstructionCache
DuplicateHandle
FindFirstFileA
UnmapViewOfFile
EnumResourceNamesW
SetLocaleInfoW
FindResourceExA
MapViewOfFile
GetModuleFileNameW
FindClose

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ