31573a415cde918913c7812b3a7aee3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31573a415cde918913c7812b3a7aee3f_JaffaCakes118
Size

182KB
MD5

31573a415cde918913c7812b3a7aee3f
SHA1

9e6b755d44d00eb6f269332c8336e191f478944b
SHA256

71b1121099e91bb14d75e893ec3ffbc05fd5bacd2dacb8d1d2949a1122a00e01
SHA512

8c686d75f42df9ebf5c8fec764cea6a31a6dc1f61559fafff94ac768f7e4363e79fe09dafb77c90e66db90fb7edffdf82e390f94d0374b9348b28efc5fd7d338
SSDEEP

3072:QDk4kP8/jzW7Lyf28EzoQVeNoeg5lxB3TKs1ieTl40FxHC9kls9XvAd1eiV:SfELyfJWwNGnxEY40bHC9kqpAd1ei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31573a415cde918913c7812b3a7aee3f_JaffaCakes118

Files

31573a415cde918913c7812b3a7aee3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

202d0464d2dc58c6aa3612ae357b6950

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleFileNameW
GetPrivateProfileIntW
GlobalGetAtomNameA
LockResource
InitializeCriticalSection
GlobalSize
GetVersionExW
DeleteCriticalSection
GetProcAddress
Sleep
LoadResource
MultiByteToWideChar
MulDiv
LoadLibraryW
EnumResourceTypesA
GetModuleHandleW
lstrlenW
FindClose
GetPrivateProfileStringW
GetDllDirectoryW
WritePrivateProfileStringW
FreeLibrary
GetVersionExA
GetTickCount
FindFirstFileW
GetLocaleInfoW

shell32

DllGetVersion
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExA
ShellExecuteExW
SHGetPathFromIDListA
ShellExecuteW
SHFileOperationW
SHGetFileInfoA
SHBrowseForFolderA
Shell_NotifyIconA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ