4da6c40626ccb4c13908cb22bc6ce5e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4da6c40626ccb4c13908cb22bc6ce5e6_JaffaCakes118
Size

179KB
MD5

4da6c40626ccb4c13908cb22bc6ce5e6
SHA1

dc3b864833c2a8010b4a72414ee65e4e996247ac
SHA256

b1bc2b3691dbe914eef84300c51523a5e6c6abbcced03957c25209af12439670
SHA512

716a943b0cca24210e9fde42c1bcf660cc5039a8c8c7377f2f0ca2e3fbb33c2f76d407dadacaf390193736f2d62b0e2fdd9ec7ea2d605d4f41c7fd5a8171500a
SSDEEP

3072:JFVYM+5EvtCgERIsquXZ1iy7LiJQ+gIod7q1SJJmfVDfmcqvXqRu8a3:u+VeWE7r+gIohqQJg4cqPWM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4da6c40626ccb4c13908cb22bc6ce5e6_JaffaCakes118

Files

4da6c40626ccb4c13908cb22bc6ce5e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92a48d1beb759d18ad12ae24e7d74d74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetModuleHandleW
LockResource
GetModuleFileNameW
lstrlenW
GetVersionExA
LoadLibraryA
MultiByteToWideChar
FindFirstFileW
FreeLibrary
DeleteCriticalSection
GlobalSize
GetProcAddress
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
EnumResourceTypesW
IsDBCSLeadByteEx
GetTickCount
LoadResource
Sleep
InitializeCriticalSection
GetVersionExW
FindClose
MulDiv
LoadLibraryW
GetLocaleInfoW

wininet

HttpQueryInfoA
InternetTimeToSystemTime
HttpOpenRequestA
HttpSendRequestA
InternetErrorDlg
InternetReadFile
InternetOpenA
InternetConnectA
InternetCrackUrlA
InternetCloseHandle
InternetTimeFromSystemTime

shell32

DllGetVersion
ShellExecuteExW
ShellExecuteExA
SHBrowseForFolderA
SHGetFolderPathW
SHGetFileInfoA
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListA
CommandLineToArgvW
Shell_NotifyIconA

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ