Sample: 3477c211b0bd4031ce799d0a8b0e7024_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: 3477c211b0bd4031ce799d0a8b0e7024_JaffaCakes118
Size: 273KB
MD5: 3477c211b0bd4031ce799d0a8b0e7024
SHA1: c414c1725cc323657fa3075f0bbb33c5080cb756
SHA256: 510281afa6447b9b0125b246091941d79af7cc5483233041c19ed00f3c1ee5cd
SHA512: b5e173808a45dd8f6694bd00367c445ccfd69e40e78def965ba523998148973655a9a5fda0949393faae11d894cf3e34addcdce1df55f98a05f4c69a945f3187
SSDEEP: 6144:YduQTSkVwbU4uKOX7W4YMq4Y5xFEVNn3l:YdTVX4ujX7BC5bMr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3477c211b0bd4031ce799d0a8b0e7024_JaffaCakes118
Files
3477c211b0bd4031ce799d0a8b0e7024_JaffaCakes118.exe windows:4 windows x86 arch:x86
9929fa55d2b38500b5cab83affe64a63
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
GetPrivateProfileIntA
GetProfileStringA
TerminateProcess
SetErrorMode
GetTickCount
GetFileAttributesA
GetPrivateProfileSectionA
LocalAlloc
GetPrivateProfileStringA
FormatMessageA
WritePrivateProfileStringA
GetPrivateProfileSectionNamesA
WriteProfileStringA
GetCurrentProcessId
EnumResourceTypesA
GetCommandLineA
IsDBCSLeadByte
FindResourceA
LoadResource
lstrcatA
LoadLibraryExA
IsSystemResumeAutomatic
CreateFileA
SizeofResource
GetProcessTimes
CreateDirectoryA
lstrcpyA
SetUnhandledExceptionFilter
GetModuleFileNameA
lstrcpynA
version
GetFileVersionInfoA
shell32
SHIsFileAvailableOffline
SHGetFileInfoA
SHGetPathFromIDListA
DragAcceptFiles
SHBrowseForFolderA
ShellExecuteExA
Shell_NotifyIconA
Sections
.text Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 146KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ