Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_98f18b98f40afa9623af791f382253e4.exe
Resource: win7-20241010-en
General
Target: JaffaCakes118_98f18b98f40afa9623af791f382253e4
Size: 273KB
MD5: 98f18b98f40afa9623af791f382253e4
SHA1: 2eb5598ce6325b2d9f78c737db4fbe08ef8e2018
SHA256: 132e929a7bba526b0e49d4dcd1cf2794a40e56c3b2ce3f91a3a3d99bd5475fd2
SHA512: 61cec2b1ef2526d9fa9e29fb4ba3eec2491dc4ef45ff5f29cf144f6fcb6b150eaa17a7db5b38615d428713539bc63bdc85c143d16a7cb461292f972a4d51228e
SSDEEP: 6144:PhW/AHQwJsguXrkuE8qEsJf7w9NaS7uW3Y6kPGNYoMyKEa:CaQqsfkFEM7w/a0uSY3o7K
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_98f18b98f40afa9623af791f382253e4
Files
JaffaCakes118_98f18b98f40afa9623af791f382253e4.exe windows:4 windows x86 arch:x86
52e7cf4aea4d187843d1738066de35ca
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LockResource
lstrlenW
GlobalGetAtomNameA
Sleep
GetVersionExW
GetModuleFileNameW
MulDiv
LoadLibraryA
GetPrivateProfileIntW
InitializeCriticalSection
FindClose
MultiByteToWideChar
GetVersionExA
GetTickCount
GetProcAddress
EnumResourceTypesA
GetModuleHandleW
GetDllDirectoryW
LoadLibraryW
GlobalSize
LoadResource
DeleteCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
FindFirstFileW
FreeLibrary
GetLocaleInfoW
ole32
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
shell32
DllGetVersion
SHGetFolderPathW
SHGetFileInfoA
ShellExecuteW
ShellExecuteExW
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationW
ShellExecuteExA
CommandLineToArgvW
Shell_NotifyIconA
Sections
.text Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 147KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ