4d982d14b3bd9e2ab710da9ec2cedecf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d982d14b3bd9e2ab710da9ec2cedecf_JaffaCakes118
Size

275KB
MD5

4d982d14b3bd9e2ab710da9ec2cedecf
SHA1

439a653c8bc3e593eca14f93d52f62a00f932820
SHA256

b8833cc662568fcb465f38ceeb7340a0ebb4c40be8266d371d4e43e572a16877
SHA512

71e748e237c72e5023143e1537d564d479a430802551d7f272ea6eab639430e4b9313f59c036530df546d48d57187f2a9adbaa72469f6045a50dc78feb191b35
SSDEEP

6144:fIrUN/ZgAsIYz3hUwFmzBwDZjO8IXmWxazZJrdKe2ERxJ2:9nsFzxUwAOt7gmWs9H0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d982d14b3bd9e2ab710da9ec2cedecf_JaffaCakes118

Files

4d982d14b3bd9e2ab710da9ec2cedecf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a4d47060c42cc76feaf0761edbc574b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextChangeNotification
FreeLibrary
FindFirstFileW
FindResourceW
GetAtomNameA
lstrlenW
FindCloseChangeNotification
MultiByteToWideChar
GetVersionExW
FindClose
GlobalUnlock
WritePrivateProfileStringW
LoadLibraryA
DeleteCriticalSection
WaitForSingleObject
GetTickCount
GetPrivateProfileIntW
LoadLibraryW
GetModuleFileNameW
EnumResourceTypesA
GetVersionExA
FindFirstChangeNotificationW
GetProcAddress
IsValidCodePage
GlobalSize
GlobalLock
GetCurrentDirectoryW
GetPrivateProfileStringW
MulDiv
CloseHandle
GetModuleHandleW
GlobalAlloc
Sleep
LockResource
LoadResource
InitializeCriticalSection
GetLocaleInfoW

shell32

SHGetImageList
SHBrowseForFolderA
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHFileOperationW
SHGetFileInfoA
SHGetFolderPathW
ShellExecuteExA
SHGetPathFromIDListA
Shell_NotifyIconA

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ