JaffaCakes118_4a44120b77eb51aaebb1631e940623a9 | Triage

Sharing

General

Target

JaffaCakes118_4a44120b77eb51aaebb1631e940623a9
Size

164KB
MD5

4a44120b77eb51aaebb1631e940623a9
SHA1

dd9f7ccf70671748f1f2a07cf85decd924c78097
SHA256

2ab275a617484a4e0a70c849dd0adce450fdb810cc0ae6808f6f033b294e0c28
SHA512

6053b143706ea9cba12a7172b216cb03b62a92aa4c77b678b506013861a8d00d806509e2e2c126482a39d595ff0dac2f8ba32a0ee044617cd43be5c916df9086
SSDEEP

3072:RNPMi4ngb4rIaZXzuaDhSRvnHUZkdShKAQxxILL4PS+jx1se7ozi:RNT4ngb4UaZyihGvnIbhKA8xIoPfx1nD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4a44120b77eb51aaebb1631e940623a9

Files

JaffaCakes118_4a44120b77eb51aaebb1631e940623a9
.exe windows:4 windows x86 arch:x86

f3935cc99c4ed88e78facb80a75f0eb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetPrivateProfileIntA
lstrcatA
SetErrorMode
GetTickCount
LocalAlloc
IsDBCSLeadByte
lstrcpyA
GetCommandLineA
SetUnhandledExceptionFilter
GetPrivateProfileSectionA
SizeofResource
FindResourceA
GetPrivateProfileStringA
GetCurrentProcessId
CreateDirectoryA
EnumResourceTypesA
TerminateProcess
LoadResource
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
IsSystemResumeAutomatic
GetFileAttributesA
GetProfileStringA
GetModuleFileNameA
GetProcessTimes
CreateFileA
LoadLibraryExA
FormatMessageA
WriteProfileStringA
lstrcpynA

shell32

SHIsFileAvailableOffline
ShellExecuteExA
DragAcceptFiles
SHBrowseForFolderA
SHGetFileInfoA
SHGetPathFromIDListA
Shell_NotifyIconA

version

GetFileVersionInfoA

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ