460a2c34b33d2336138d644758f5956e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

460a2c34b33d2336138d644758f5956e_JaffaCakes118
Size

165KB
MD5

460a2c34b33d2336138d644758f5956e
SHA1

ab319723dfed5ac08e05819483023029422b8b25
SHA256

094a2bc58bc67caf172de520c2c9d2944dfa936f578af047eba9429905890994
SHA512

78d87065a1ccdcc4444cb2e7688ae83c6be236ae2c56d3d641a2cf660dae501e4315a10fca71bd29eae4028a40555b6ce3dbdf2bac13e77701a7be6e80685e7e
SSDEEP

3072:aqBgTD/ieQzxyOObxTECIZwVeJKmWtiGZM8OTAqKrcpQ//wE:tBqajxoVThV2VWtY8+Aj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
460a2c34b33d2336138d644758f5956e_JaffaCakes118

Files

460a2c34b33d2336138d644758f5956e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e0e381c6dc863baaf3dbc624c9fdb40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
MultiByteToWideChar
LoadLibraryA
FindClose
GetVersionExA
DeleteCriticalSection
Sleep
GetTickCount
FreeLibrary
lstrlenW
GetModuleHandleW
GetProcAddress
GetPrivateProfileIntW
GetPrivateProfileStringW
GlobalSize
GetVersionExW
EnumResourceTypesW
WritePrivateProfileStringW
LoadLibraryW
FindFirstFileW
IsDBCSLeadByte
GetModuleFileNameW
LoadResource
LockResource
InitializeCriticalSection
MulDiv
GetLocaleInfoW

shell32

SHGetImageList
SHGetFolderPathW
SHFileOperationW
SHGetFileInfoA
SHBrowseForFolderA
ShellExecuteExW
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconA

wininet

HttpQueryInfoA
InternetErrorDlg
InternetReadFile
InternetOpenA
InternetConnectA
InternetTimeToSystemTime
InternetCrackUrlA
HttpSendRequestA
InternetCloseHandle
HttpOpenRequestA
InternetTimeFromSystemTime

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ