3b56c005807a44aff43fd31d0343e8ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b56c005807a44aff43fd31d0343e8ba_JaffaCakes118
Size

274KB
MD5

3b56c005807a44aff43fd31d0343e8ba
SHA1

4fe2105c407023c950b8bda86397e070cf069493
SHA256

17d3edab206bed164ba8b7aefad255bc6b1309859f67b17a73743d608309d491
SHA512

2ba442188de6617102546aaf52edc81162021c94386f8521a881a05dd6794f73a610b3e08a6ffeaec73ab4870c52b9b8e7a3198bedf8985cd8733eb473bd3b62
SSDEEP

6144:y/L/o4dB0L4+bh4Wa2vYBWvjcVMZxKLb8BRgeCEZ:y/L5Bxa4c+2cm2P8BRgeC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b56c005807a44aff43fd31d0343e8ba_JaffaCakes118

Files

3b56c005807a44aff43fd31d0343e8ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2c5854df733bf5f78d88641001afda1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GlobalSize
GetModuleFileNameW
GetPrivateProfileIntW
GetVersionExW
lstrlenW
FindClose
GetModuleHandleW
LoadLibraryA
LoadResource
LockResource
GetProcAddress
GetVersionExA
Sleep
FindFirstFileW
EnumResourceTypesW
GetTickCount
LoadLibraryW
GetCPInfo
GetPrivateProfileStringW
FreeLibrary
MultiByteToWideChar
DeleteCriticalSection
WritePrivateProfileStringW
InitializeCriticalSection
MulDiv
GetLocaleInfoW

wininet

HttpQueryInfoA
InternetOpenA
HttpOpenRequestA
InternetCrackUrlA
InternetErrorDlg
HttpSendRequestA
InternetCloseHandle
InternetReadFile
InternetConnectA
InternetTimeToSystemTime
InternetTimeFromSystemTime

shell32

DllGetVersion
ShellExecuteExW
SHBrowseForFolderA
SHGetFolderPathW
SHGetFileInfoA
CommandLineToArgvW
SHFileOperationW
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconA

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ