JaffaCakes118_3e3fdd5c9eba65c58d45acf822b16b87 | Triage

Sharing

General

Target

JaffaCakes118_3e3fdd5c9eba65c58d45acf822b16b87
Size

179KB
MD5

3e3fdd5c9eba65c58d45acf822b16b87
SHA1

616a4735529406aa7e47c17799ec2b84ec6bc23c
SHA256

1213557ca68812da445c3e1d7caeb68c1219bb7cfaa31db9e6e80c1380592fbe
SHA512

4613abbf1865dbf71eeb4359d23cca0883e5c6dcfcabf6b97356d53753ded64b6abd71530ed156b7f4c8ca26f8b83ef0da2da3ff19b5ca6997a8723616166761
SSDEEP

3072:JFVYMk5EvtCgERIsquXZ1iy7LiJQ+gIod7q1SJJmfVDfmcqvXqRu8a3:U+VeWE7r+gIohqQJg4cqPWM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3e3fdd5c9eba65c58d45acf822b16b87

Files

JaffaCakes118_3e3fdd5c9eba65c58d45acf822b16b87
.exe windows:4 windows x86 arch:x86

92a48d1beb759d18ad12ae24e7d74d74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetModuleHandleW
LockResource
GetModuleFileNameW
lstrlenW
GetVersionExA
LoadLibraryA
MultiByteToWideChar
FindFirstFileW
FreeLibrary
DeleteCriticalSection
GlobalSize
GetProcAddress
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
EnumResourceTypesW
IsDBCSLeadByteEx
GetTickCount
LoadResource
Sleep
InitializeCriticalSection
GetVersionExW
FindClose
MulDiv
LoadLibraryW
GetLocaleInfoW

wininet

HttpQueryInfoA
InternetTimeToSystemTime
HttpOpenRequestA
HttpSendRequestA
InternetErrorDlg
InternetReadFile
InternetOpenA
InternetConnectA
InternetCrackUrlA
InternetCloseHandle
InternetTimeFromSystemTime

shell32

DllGetVersion
ShellExecuteExW
ShellExecuteExA
SHBrowseForFolderA
SHGetFolderPathW
SHGetFileInfoA
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListA
CommandLineToArgvW
Shell_NotifyIconA

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ