JaffaCakes118_81af0fe78842a1f601cddfb6dda09dfc | Triage

Sharing

General

Target

JaffaCakes118_81af0fe78842a1f601cddfb6dda09dfc
Size

165KB
MD5

81af0fe78842a1f601cddfb6dda09dfc
SHA1

f674df8566d9f5722c553d95cc05183603830cc7
SHA256

1553881425fa895cb6dfa1de4410fbdd3363f117c64cefec69764651caa71d99
SHA512

92992b9c055ae990dad4e96babd98f09895ea660b873f6d6a8a0b8966ec8954e0c57c59b0aa5dce306f3b8eeedb49bc8c638b139ec775c9e57e151a9e199f20e
SSDEEP

3072:snouwXfQPvUubHKBT3D8kH4/xA02cRHwneYifp5rMARkygyNbVGPzYtKrU:EouwXfQPvUuSDH4Jp2OaIRCJtHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_81af0fe78842a1f601cddfb6dda09dfc

Files

JaffaCakes118_81af0fe78842a1f601cddfb6dda09dfc
.exe windows:4 windows x86 arch:x86

36f947b473e16c840be38f3e4e6b0a60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
SizeofResource
GlobalGetAtomNameA
CreateDirectoryA
WritePrivateProfileStringA
IsDBCSLeadByte
GetModuleFileNameA
GetPrivateProfileIntA
GetProcessTimes
GetPrivateProfileStringA
FindResourceA
LoadResource
lstrcatA
FormatMessageA
SetUnhandledExceptionFilter
EnumResourceTypesA
WriteProfileStringA
lstrcpyA
GetPrivateProfileSectionA
GetCurrentProcessId
SetErrorMode
GetTickCount
LoadLibraryExA
IsSystemResumeAutomatic
GetFileAttributesA
GetProfileStringA
GetPrivateProfileSectionNamesA
GetCommandLineA
TerminateProcess
CreateFileA
lstrcpynA

shell32

SHIsFileAvailableOffline
SHBrowseForFolderA
ShellExecuteExA
SHGetFileInfoA
SHGetPathFromIDListA
DragAcceptFiles
Shell_NotifyIconA

version

GetFileVersionInfoA

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ