JaffaCakes118_434758b16ea5ec79a2ea712133f5de0f | Triage

Sharing

General

Target

JaffaCakes118_434758b16ea5ec79a2ea712133f5de0f
Size

273KB
MD5

434758b16ea5ec79a2ea712133f5de0f
SHA1

14f2dc50603e5fcdbbc6ad3a4bb36da20853c121
SHA256

10cb4b9428adcbfb305223f3bf18f3f0398ae659b71f20306e617528b5877b0d
SHA512

502420b62d0935c6e025dbc39d6eb2024b9b32383558ebf3d5c2a58f20973d4d8020083fcdd0afd6e949dfc98457559a240c2238afffe42c10f55ead67774cf3
SSDEEP

6144:c23TmfY7JDrCEwz+Haew3xM7BDEzfqbOfcdzeWAm6m2gJ5Sl76o0K694BVy:cCmf+wz0aew3x8BKmOfcdyI2gmlZ0K62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_434758b16ea5ec79a2ea712133f5de0f

Files

JaffaCakes118_434758b16ea5ec79a2ea712133f5de0f
.exe windows:4 windows x86 arch:x86

0d312842a8c1c08bdcdc795d9a63ad13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleFileNameW
GlobalGetAtomNameA
MultiByteToWideChar
LoadLibraryA
GetPrivateProfileIntW
GetTickCount
MulDiv
WritePrivateProfileStringW
GetPrivateProfileStringW
GlobalSize
InitializeCriticalSection
FreeLibrary
Sleep
EnumResourceTypesW
GetModuleHandleW
GetVersionExW
GetVersionExA
lstrlenW
LoadLibraryW
FindClose
IsDBCSLeadByteEx
FindFirstFileW
LockResource
DeleteCriticalSection
LoadResource
GetLocaleInfoW

wininet

InternetErrorDlg
InternetOpenA
HttpQueryInfoA
InternetTimeToSystemTime
InternetConnectA
InternetCloseHandle
InternetReadFile
InternetCrackUrlA
HttpSendRequestA
HttpOpenRequestA
InternetTimeFromSystemTime

shell32

DllGetVersion
CommandLineToArgvW
SHFileOperationW
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
SHGetFileInfoA
ShellExecuteW
Shell_NotifyIconA

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ