ae6245f878a9e9990266429c7fa7ad8e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae6245f878a9e9990266429c7fa7ad8e_JaffaCakes118
Size

274KB
MD5

ae6245f878a9e9990266429c7fa7ad8e
SHA1

b4a92b7b67bd0da46fc7ab7bbbd5f815d41141a6
SHA256

91adabc0851a9c5b4e894cea50801b4f73cf17364edeb79e6a43ba56b49d8cc8
SHA512

9de46d183a24a89640fede8911aac8a140684c5d7a15ce4946535730f8c320b793b6388b50a589aa6007d9164b8f8b1a513fc1e4d7307693bc31da8e7feaf1bb
SSDEEP

6144:a5RFuEiOGwiJmzr/ulcUT81ca7YM+iSMFrJJWWOXdvOv:a5irmWVTja7YM+iSMFmWOtW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae6245f878a9e9990266429c7fa7ad8e_JaffaCakes118

Files

ae6245f878a9e9990266429c7fa7ad8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3fd7b655da22ffcf77c1598dc868a58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
InitializeCriticalSection
GetTickCount
Sleep
GetPrivateProfileStringW
GetPrivateProfileIntW
GetVersionExW
GetProcAddress
GetModuleFileNameW
GlobalSize
LoadLibraryW
GetVersionExA
FindClose
EnumResourceTypesA
lstrlenW
GetModuleHandleW
DeleteCriticalSection
FreeLibrary
WritePrivateProfileStringW
GetDllDirectoryW
FindFirstFileW
MulDiv
LoadLibraryA
LockResource
LoadResource
MultiByteToWideChar
GetLocaleInfoW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

shell32

DllGetVersion
CommandLineToArgvW
SHGetFileInfoA
SHBrowseForFolderA
SHGetFolderPathW
SHFileOperationW
ShellExecuteExA
ShellExecuteW
SHGetPathFromIDListA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ