JaffaCakes118_56fb8a60bd63e00fb4f9c9c0708c8a6f | Triage

Sharing

General

Target

JaffaCakes118_56fb8a60bd63e00fb4f9c9c0708c8a6f
Size

273KB
MD5

56fb8a60bd63e00fb4f9c9c0708c8a6f
SHA1

60f38acf91d1ba5248dc497df6a502ea21993f06
SHA256

140d47d09676bd6c84ad75d3ae07785c9729de0d3603bb7b4a789f7af1da568f
SHA512

06d6a398230b18a39ebc4898da8245138c5b6030005a278042b0625d8c7d92b2f2f40f83c65efcf0580641f34f0799bea5d1c14c2b00c5535ed17fbc76988f5c
SSDEEP

6144:oyH1hOETjx+j6dMzZ7wsnOw+sXUqdhqZCbBiLhuB:oE15Tj8eeTvAqdhqWM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_56fb8a60bd63e00fb4f9c9c0708c8a6f

Files

JaffaCakes118_56fb8a60bd63e00fb4f9c9c0708c8a6f
.exe windows:4 windows x86 arch:x86

6c114d8d39b93528125b83c51c02f34b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
LoadLibraryA
WritePrivateProfileStringW
GlobalGetAtomNameA
InitializeCriticalSection
GetPrivateProfileStringW
GetModuleHandleW
MultiByteToWideChar
GlobalSize
FindClose
LoadResource
LoadLibraryW
DeleteCriticalSection
GetProcAddress
GetVersionExW
LockResource
EnumResourceTypesW
MulDiv
GetTickCount
FreeLibrary
FindFirstFileW
GetCPInfo
GetVersionExA
Sleep
GetModuleFileNameW
lstrlenW
GetLocaleInfoW

shell32

DllGetVersion
SHGetFileInfoA
SHGetFolderPathW
SHFileOperationW
ShellExecuteExA
ShellExecuteExW
SHGetPathFromIDListA
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconA

wininet

InternetCloseHandle
InternetConnectA
InternetErrorDlg
HttpQueryInfoA
HttpSendRequestA
InternetCrackUrlA
InternetTimeToSystemTime
InternetOpenA
HttpOpenRequestA
InternetReadFile
InternetTimeFromSystemTime

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ