JaffaCakes118_24fd0ec3e4d6053871dfc2d39af9b84b | Triage

Sharing

General

Target

JaffaCakes118_24fd0ec3e4d6053871dfc2d39af9b84b
Size

274KB
MD5

24fd0ec3e4d6053871dfc2d39af9b84b
SHA1

2f3f85a2e31eaa679ea8fa3c93878e95748b401c
SHA256

2cdb2e3aac502f958197be085974fda90ac9907501f935cfac4776225418e321
SHA512

21257343e7f3ab295b5eaf71f7ded14a979c6d34273d8f3faae97ceb64e4fdac646c4a422ded1e4f879bc9694ea087d2a4ad778295119101438600d8c15f94e7
SSDEEP

6144:to3xSRRP+Q80V/e1xkALD4tvTiJQ3U21DbryGhNgeSq:to3gmf0V/6ewDwv+I1DbRfjSq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_24fd0ec3e4d6053871dfc2d39af9b84b

Files

JaffaCakes118_24fd0ec3e4d6053871dfc2d39af9b84b
.exe windows:4 windows x86 arch:x86

fdb26250b792acc774d1cf537d45669d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetPrivateProfileIntW
GlobalGetAtomNameA
Sleep
GetTickCount
GlobalSize
LockResource
DeleteCriticalSection
LoadLibraryW
LoadLibraryA
GetVersionExA
GetModuleFileNameW
WritePrivateProfileStringW
GetPrivateProfileStringW
LoadResource
EnumResourceTypesA
lstrlenW
FindFirstFileW
GetCPInfo
MultiByteToWideChar
InitializeCriticalSection
FreeLibrary
GetVersionExW
FindClose
MulDiv
GetModuleHandleW
GetLocaleInfoW

wininet

HttpQueryInfoA
InternetTimeToSystemTime
InternetCloseHandle
InternetConnectA
InternetReadFile
HttpSendRequestA
InternetOpenA
HttpOpenRequestA
InternetCrackUrlA
InternetErrorDlg
InternetTimeFromSystemTime

shell32

DllGetVersion
SHGetFileInfoA
SHGetFolderPathW
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA
ShellExecuteW
CommandLineToArgvW
SHFileOperationW
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ