Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_9a878436264736013c701e508693ed96.exe
Resource: win10v2004-20250314-en
General
Target: JaffaCakes118_9a878436264736013c701e508693ed96
Size: 273KB
MD5: 9a878436264736013c701e508693ed96
SHA1: 6d5f355b179796c6c4892bc6aba556330011d7e7
SHA256: de6f03ceeb8ad8ce3a9dcf919c571011909c4095d8b9feae68af66567ad23e7b
SHA512: eff5da1c0e16ed0d688192332fd013ac0935bfad1cd64d77612cddcf314a417d1e96c4ca743568458480f3c53ffd149b01334ab89593afb5a7215e1b7636b42c
SSDEEP: 6144:iFMhh8L/qOAvDgzATu+FegNs0VnPF9cSWlw:5IL/MEzusOYSW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_9a878436264736013c701e508693ed96
Files
JaffaCakes118_9a878436264736013c701e508693ed96.exe windows:4 windows x86 arch:x86
4dccc2f66362ab1c27c27c4c6454157a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GlobalGetAtomNameW
GetTimeFormatA
IsValidCodePage
GetOEMCP
SetStdHandle
TlsAlloc
GetDateFormatA
GetCPInfo
RtlUnwind
TlsGetValue
WriteConsoleA
EnumResourceTypesA
HeapReAlloc
SetThreadExecutionState
SetFilePointer
GetLocaleInfoA
GetConsoleOutputCP
TlsSetValue
HeapSize
GetACP
MultiByteToWideChar
RaiseException
rpcrt4
RpcStringFreeA
shell32
SHGetDataFromIDListW
SHGetFileInfoA
ShellExecuteExA
DragAcceptFiles
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
user32
CharNextA
GetDesktopWindow
PeekMessageA
MessageBoxA
DispatchMessageA
LoadStringA
DispatchMessageW
wsprintfA
Sections
.text Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 141KB - Virtual size: 276KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ