Static task: static1
Behavioral task: behavioral1
Sample: c240b365269b0e9a4ec458614ca405a8_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: c240b365269b0e9a4ec458614ca405a8_JaffaCakes118
Size: 273KB
MD5: c240b365269b0e9a4ec458614ca405a8
SHA1: b70ca354e005b40fbaf00b2ccdfa9ccd7c6be67f
SHA256: 5d917480a91799dcee2f3728645473a8ac2d8a7eae0ee9f23c6ed6d977f06603
SHA512: e3875e1b0b89becf4e21b791ed7d4be5082cf68b0a568de6d521dafa23e5656fa37195550fbe43658ab35ab221c3c6cc815d5af30e2203076f2a90acb8f939f9
SSDEEP: 6144:mRbYxgvJYh2VNRS0SY17RLlcezaDb93WMYUmXBWsImZRbYV:eYxgvJ7zRS0X17RZWDR3tYUmjP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c240b365269b0e9a4ec458614ca405a8_JaffaCakes118
Files
c240b365269b0e9a4ec458614ca405a8_JaffaCakes118.exe windows:4 windows x86 arch:x86
865c47ca24e480f915e3637c2c22f1c9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
MulDiv
LoadLibraryW
GetModuleFileNameW
GetPrivateProfileStringW
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
GetPrivateProfileIntW
LoadLibraryA
lstrlenW
FreeLibrary
EnumResourceTypesA
LoadResource
WritePrivateProfileStringW
GetTickCount
FindClose
Sleep
FindFirstFileW
MultiByteToWideChar
GetDllDirectoryW
LockResource
GetProcAddress
GlobalSize
GetVersionExW
GetVersionExA
GetLocaleInfoW
shell32
DllGetVersion
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderA
ShellExecuteW
ShellExecuteExA
SHGetFileInfoA
SHFileOperationW
SHGetPathFromIDListA
CommandLineToArgvW
Shell_NotifyIconA
ole32
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
Sections
.text Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 145KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ