e0c2ac9ab787d6b76160c9f6da9dd859_JaffaCakes118 | Triage

Sharing

General

Target

e0c2ac9ab787d6b76160c9f6da9dd859_JaffaCakes118
Size

274KB
MD5

e0c2ac9ab787d6b76160c9f6da9dd859
SHA1

0132d8559f3cc3a019d1effeef2a46a8ab9cebe0
SHA256

0a4ecb9bd2b1fda79b92f339ac66f60afffabf84b13e0b561ae947d49aba3e09
SHA512

894c27abbb7c0641caed6f7a715824c92317dbf3fa4cff3601cc4e1092a8d3ad95c92e2003d1c928ea82bfff122e122961ea4b5c8f594e5609c63e036508d86b
SSDEEP

6144:maeACrvpKo3oDY68SLvHseVAoDrxf+2WDzE+T+VWVG8IQbF:m5vph+Y68SLRNDrxf+2uzR+VANIQbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0c2ac9ab787d6b76160c9f6da9dd859_JaffaCakes118

Files

e0c2ac9ab787d6b76160c9f6da9dd859_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01de03cea806c0fddf3e08f22b34aebc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalGetAtomNameA
GetVersionExA
GetVersionExW
LockResource
LoadLibraryW
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
FreeLibrary
WritePrivateProfileStringW
FindFirstFileW
EnumResourceTypesA
GetTickCount
GlobalSize
MulDiv
MultiByteToWideChar
Sleep
LoadResource
GetPrivateProfileStringW
GetDllDirectoryW
lstrlenW
GetModuleFileNameW
FindClose
GetPrivateProfileIntW
GetLocaleInfoW

shell32

DllGetVersion
ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListA
ShellExecuteExA
SHFileOperationW
ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoA
SHBrowseForFolderA
Shell_NotifyIconA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ