7fe37ca79af689731127cbd7670c4cb7_JaffaCakes118 | Triage

Sharing

General

Target

7fe37ca79af689731127cbd7670c4cb7_JaffaCakes118
Size

273KB
MD5

7fe37ca79af689731127cbd7670c4cb7
SHA1

4916db95e4019325d635e14fb85d4489728855aa
SHA256

7e78ff1cd26848189be0f309baf1cabf74bd918a9f5294827c9ee4683a8861a2
SHA512

4b33c0928ea416bebcdd67586eddda701cd8367002f4280862b76a9d7b8f2bdddcd0c09efae8de82eef256bd27d766fd39b1ac55ce09232548d8084abf00fe45
SSDEEP

6144:7sIgppccOO0D7yECY2kchY8FG4MbXaE2umPd9Tiy:7sIgppccOL7dCYMhv9eDm7iy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fe37ca79af689731127cbd7670c4cb7_JaffaCakes118

Files

7fe37ca79af689731127cbd7670c4cb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48900216139a9cab6ca95764b5fab43b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GlobalGetAtomNameA
GetPrivateProfileStringW
MultiByteToWideChar
lstrlenW
Sleep
GetVersionExW
FreeLibrary
GetModuleFileNameW
GlobalSize
DeleteCriticalSection
LoadLibraryW
WritePrivateProfileStringW
GetModuleHandleW
MulDiv
GetProcAddress
EnumResourceTypesW
GetVersionExA
IsDBCSLeadByteEx
GetPrivateProfileIntW
LoadLibraryA
InitializeCriticalSection
FindClose
LockResource
LoadResource
FindFirstFileW
GetLocaleInfoW

shell32

SHGetImageList
ShellExecuteExW
SHFileOperationW
SHGetFileInfoA
SHGetPathFromIDListA
SHGetFolderPathW
SHBrowseForFolderA
ShellExecuteExA
CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconA

wininet

InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetConnectA
InternetCrackUrlA
HttpSendRequestA
InternetTimeToSystemTime
InternetErrorDlg
HttpOpenRequestA
InternetTimeFromSystemTime

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ