JaffaCakes118_5f2dfb12570a5e668e5ccd26d20dcddf | Triage

Sharing

General

Target

JaffaCakes118_5f2dfb12570a5e668e5ccd26d20dcddf
Size

165KB
MD5

5f2dfb12570a5e668e5ccd26d20dcddf
SHA1

c6e0d73cdfce951453342df4087b408d3e5aed0e
SHA256

2e1062b65969ca58be19f4662616ad52dda0e882507dbb1246b237cbb5c83408
SHA512

980c4b291dc9545f27078a0ec7777b4f591ddf25cfc4be03743e765119217f449711fe49499bd117e4ab42bc9fca6487f01476a0701ccdb3eb09f0c183926a94
SSDEEP

3072:wTaZF2SsPpRyNFW8EHX6951f6rQ4jPjKejMWMxVDDieArR1T2s:wTqF2VDyNy34P4hbKqt0RDiv91T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5f2dfb12570a5e668e5ccd26d20dcddf

Files

JaffaCakes118_5f2dfb12570a5e668e5ccd26d20dcddf
.exe windows:4 windows x86 arch:x86

66a7d3e15ada36d2e7b667305ab1198d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GlobalGetAtomNameA
DeleteCriticalSection
GlobalSize
MultiByteToWideChar
lstrlenW
LockResource
GetPrivateProfileStringW
FindFirstFileW
Sleep
FreeLibrary
FindClose
GetProcAddress
MulDiv
LoadResource
GetVersionExW
EnumResourceTypesW
GetTickCount
LoadLibraryW
GetModuleHandleW
IsDBCSLeadByteEx
GetVersionExA
LoadLibraryA
GetPrivateProfileIntW
WritePrivateProfileStringW
GetModuleFileNameW
GetLocaleInfoW

wininet

HttpQueryInfoA
InternetCloseHandle
InternetCrackUrlA
InternetTimeToSystemTime
InternetErrorDlg
InternetOpenA
HttpOpenRequestA
HttpSendRequestA
InternetConnectA
InternetReadFile
InternetTimeFromSystemTime

shell32

SHGetImageList
SHGetFileInfoA
ShellExecuteExW
ShellExecuteExA
ShellExecuteW
SHBrowseForFolderA
SHFileOperationW
SHGetFolderPathW
SHGetPathFromIDListA
CommandLineToArgvW
Shell_NotifyIconA

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ