JaffaCakes118_7854f659cee962818055d8e5e068acc4 | Triage

Sharing

General

Target

JaffaCakes118_7854f659cee962818055d8e5e068acc4
Size

180KB
MD5

7854f659cee962818055d8e5e068acc4
SHA1

708cda3618bbe2d578750a24efac6e7bb07641d7
SHA256

2b9223e59fc80dac2e4d447b8059de000b87743985bb2e9aab8969305e729287
SHA512

ff116f195c4527d13f7368e9bfc2de08b083c722a8f9d0fa0ed131c0b21004050ef7d83f58f40facf676b1fa7ec01f21a89a333c9036b3d3ab841f091ff54a56
SSDEEP

3072:/vox12+nf24ert0IsrgQ8lIdGxblSHepOg6X7VLy7Oo2MXvQVxQUMrxsL9RlM2b:noxR2xZsUlIIzSOOg6X7VLk2MXvAxQUn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7854f659cee962818055d8e5e068acc4

Files

JaffaCakes118_7854f659cee962818055d8e5e068acc4
.exe windows:4 windows x86 arch:x86

c6969818ffec899dfc0546998d3323e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
lstrlenW
GetVersionExA
GlobalGetAtomNameA
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
MulDiv
FreeLibrary
GetVersionExW
Sleep
LoadLibraryA
FindFirstFileW
EnumResourceTypesA
GlobalSize
WritePrivateProfileStringW
LoadLibraryW
GetProcAddress
GetDllDirectoryW
GetTickCount
LockResource
FindClose
GetPrivateProfileStringW
LoadResource
MultiByteToWideChar
GetPrivateProfileIntW
GetLocaleInfoW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

shell32

DllGetVersion
ShellExecuteExW
SHGetFolderPathW
ShellExecuteExA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteW
SHFileOperationW
CommandLineToArgvW
SHBrowseForFolderA
Shell_NotifyIconA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ