JaffaCakes118_7ac1b03b40158d3e3782a006f6043797 | Triage

Sharing

General

Target

JaffaCakes118_7ac1b03b40158d3e3782a006f6043797
Size

179KB
MD5

7ac1b03b40158d3e3782a006f6043797
SHA1

87b8f8330b7ae62aa1f9d95ce9182250433c842f
SHA256

1f86686519bac4f9f8c01c709216ba4c4f94c822ca9ab1427020380bf43c97d7
SHA512

0027742a4e551df2de9a9981c5c69870efa100ca1322ebef1f5bff74a6710ba7b0fe6f04cb44a1fe1fdcde484d0071bc8cb15665be2cb8c65060ef2aa2081b17
SSDEEP

3072:+wP76BUPyge7lX59MortIBZntRmOTc1uHmfGqsg0oXGrSk1KEysVbzv:+tGPyRcoUjTc1amfov11ZysVT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7ac1b03b40158d3e3782a006f6043797

Files

JaffaCakes118_7ac1b03b40158d3e3782a006f6043797
.exe windows:4 windows x86 arch:x86

35f5a50cb01f914ff06ae551677277d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GetModuleFileNameW
GlobalGetAtomNameA
GetModuleHandleW
GetTickCount
GlobalSize
GetProcAddress
DeleteCriticalSection
LoadLibraryA
FindClose
GetPrivateProfileIntW
GetPrivateProfileStringW
MulDiv
WritePrivateProfileStringW
FreeLibrary
LoadResource
EnumResourceTypesW
lstrlenW
LoadLibraryW
GetVersionExW
GetCPInfo
Sleep
GetVersionExA
InitializeCriticalSection
FindFirstFileW
MultiByteToWideChar
GetLocaleInfoW

wininet

InternetCrackUrlA
HttpOpenRequestA
InternetReadFile
HttpQueryInfoA
InternetErrorDlg
InternetConnectA
HttpSendRequestA
InternetCloseHandle
InternetTimeToSystemTime
InternetOpenA
InternetTimeFromSystemTime

shell32

DllGetVersion
ShellExecuteExA
SHGetFileInfoA
CommandLineToArgvW
SHFileOperationW
ShellExecuteExW
SHGetPathFromIDListA
SHGetFolderPathW
SHBrowseForFolderA
ShellExecuteW
Shell_NotifyIconA

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ