Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_02253b4f65f49dcf9cece0f2ce858ff8.exe
Resource
win7-20241023-en
General
Target: JaffaCakes118_02253b4f65f49dcf9cece0f2ce858ff8
Size: 180KB
MD5: 02253b4f65f49dcf9cece0f2ce858ff8
SHA1: f899e34d98fddeaa05b31dcf881a75a17c4cfe53
SHA256: 28a38218bffc67455d0b132d26ef751b7d239be9093ccf1f527fa5e8a3d2a01f
SHA512: 15b5a32fc0d2191ceb2e26813b2b1e06d44ab3554648c7afd138633998f375f17bdeb57331462a11b27e0fd0bc1d14dab179aedb5965270ca363203bb7a315cf
SSDEEP: 3072:Z1oALN8ojjJZqEqw9Ia4OffcxCFk9Mmf4S98iygDZe6BxA9ZR9nU2iqPchllzF3E:ZdN8ojSEqwimkCFkS0198EVeqxAnULyN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_02253b4f65f49dcf9cece0f2ce858ff8
Files
JaffaCakes118_02253b4f65f49dcf9cece0f2ce858ff8.exe windows:4 windows x86 arch:x86
5a14137b9e6bf12a85936b841ec54409
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
GlobalGetAtomNameA
MultiByteToWideChar
WritePrivateProfileStringW
lstrlenW
GetModuleFileNameW
GetModuleHandleW
FreeLibrary
GetProcAddress
DeleteCriticalSection
GlobalSize
GetVersionExA
MulDiv
LoadLibraryA
GetTickCount
EnumResourceTypesA
GetPrivateProfileStringW
LockResource
FindFirstFileW
FindClose
GetDllDirectoryW
GetVersionExW
Sleep
LoadResource
LoadLibraryW
GetPrivateProfileIntW
GetLocaleInfoW
shell32
DllGetVersion
SHGetFolderPathW
ShellExecuteW
ShellExecuteExA
SHGetPathFromIDListA
CommandLineToArgvW
SHFileOperationW
SHGetFileInfoA
SHBrowseForFolderA
ShellExecuteExW
Shell_NotifyIconA
ole32
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
Sections
.text Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ