ffa9e1bcd6dd6b2efe1ff22b47403896_JaffaCakes118 | Triage

Sharing

General

Target

ffa9e1bcd6dd6b2efe1ff22b47403896_JaffaCakes118
Size

181KB
MD5

ffa9e1bcd6dd6b2efe1ff22b47403896
SHA1

8891320c1988d97142fff5500e4f55cc7fa6e90c
SHA256

067ce002217b4ea0b6e788d9ed0b87d0e9649bb46cd17e7cad6f3b3477afca17
SHA512

6c8806f5bf079eecf00afdc39a15b59efe66a11f2c8a0a5d4668a1f2bd164c631ee1df169931af6a687269db5257a29b0007e5ab50d704d1c75804e9311dc8ae
SSDEEP

3072:IogczQB6mEyfl8cb3y5aLsLp0EZpM1XTEIFRdu33NrUbIrTP5F3ZJWgVXfiFDl+w:IoWhEC8cfcp/M1XYI/sEIHP5F3n1fiFl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffa9e1bcd6dd6b2efe1ff22b47403896_JaffaCakes118

Files

ffa9e1bcd6dd6b2efe1ff22b47403896_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6858b5d826d7c76ac0c527fd7de9488e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GetTickCount
GetAtomNameA
MultiByteToWideChar
GetPrivateProfileIntW
FindClose
FreeLibrary
GetProcAddress
GlobalSize
FindFirstFileW
GetModuleFileNameW
MulDiv
GetPrivateProfileStringW
WritePrivateProfileStringW
LockResource
Sleep
EnumResourceTypesW
InitializeCriticalSection
GetVersionExW
LoadLibraryA
GetModuleHandleW
GetSystemDirectoryW
lstrlenW
DeleteCriticalSection
GetVersionExA
LoadLibraryW
GetLocaleInfoW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

shell32

DoEnvironmentSubstA
CommandLineToArgvW
ShellExecuteW
SHGetPathFromIDListA
SHFileOperationW
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteExA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ