JaffaCakes118_0953ea55cbde8a4348fe587a94494dc1 | Triage

Sharing

General

Target

JaffaCakes118_0953ea55cbde8a4348fe587a94494dc1
Size

179KB
MD5

0953ea55cbde8a4348fe587a94494dc1
SHA1

9661d5e1c0309cc1ef9f5eddea8e503e26aed612
SHA256

2b2a13b06aa43334f963ea9fb176be6e62a07bfbe9873bfdc4ea7e1a68ad1f54
SHA512

13d114b9cae405878c4e20080aeca6de1041765d51b528128e98aa6d23830137b98f77252a7836a38339dc73147879159810f5ac09e1bd7a8bf9e32d351cd1e8
SSDEEP

3072:EaAZQ6101RAkEeVAnjHt/7kXksrSe4pyk4wTaHaVDnV2SzHXCZNubqs5:EaA66L5kXkw74D7yZ8bq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0953ea55cbde8a4348fe587a94494dc1

Files

JaffaCakes118_0953ea55cbde8a4348fe587a94494dc1
.exe windows:4 windows x86 arch:x86

67b185cf8866fd6f438c79738c390f44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
InitializeCriticalSection
GlobalGetAtomNameA
GetVersionExW
LoadResource
WritePrivateProfileStringW
MulDiv
DeleteCriticalSection
GetPrivateProfileStringW
GetTickCount
GlobalSize
lstrlenW
GetModuleHandleW
MultiByteToWideChar
EnumResourceTypesW
FindFirstFileW
FindClose
GetProcAddress
GetCPInfo
GetModuleFileNameW
Sleep
LoadLibraryW
LockResource
GetVersionExA
GetPrivateProfileIntW
GetLocaleInfoW

shell32

DllGetVersion
ShellExecuteW
ShellExecuteExW
SHGetFileInfoA
SHGetFolderPathW
ShellExecuteExA
CommandLineToArgvW
SHBrowseForFolderA
SHFileOperationW
SHGetPathFromIDListA
Shell_NotifyIconA

wininet

HttpSendRequestA
InternetErrorDlg
InternetOpenA
HttpQueryInfoA
InternetCloseHandle
InternetTimeToSystemTime
InternetConnectA
HttpOpenRequestA
InternetCrackUrlA
InternetReadFile
InternetTimeFromSystemTime

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ