JaffaCakes118_8701351287784126d2b6fc00a3f7215b | Triage

Sharing

General

Target

JaffaCakes118_8701351287784126d2b6fc00a3f7215b
Size

165KB
MD5

8701351287784126d2b6fc00a3f7215b
SHA1

1b8f28a02416d12e485f06b445994c17ecf89fff
SHA256

198bf94a578eb6a3403029983d49bfaec46c5faa07053de40168a6572e9ebf9c
SHA512

f9cd6aa7bc05611c1f2baf2f968be3dca989af33286d40132e3fb16f7c4fcc202ddb254dfe4d4e1b1103cdf20e11271df7f63760259cb745eddaaf02d74d35b2
SSDEEP

3072:snouwXqQPvUubHKBT3D8kH4/xA02cRHwneYifp5rMARkygyNbVGPzYtKrU:EouwXqQPvUuSDH4Jp2OaIRCJtHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8701351287784126d2b6fc00a3f7215b

Files

JaffaCakes118_8701351287784126d2b6fc00a3f7215b
.exe windows:4 windows x86 arch:x86

36f947b473e16c840be38f3e4e6b0a60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
SizeofResource
GlobalGetAtomNameA
CreateDirectoryA
WritePrivateProfileStringA
IsDBCSLeadByte
GetModuleFileNameA
GetPrivateProfileIntA
GetProcessTimes
GetPrivateProfileStringA
FindResourceA
LoadResource
lstrcatA
FormatMessageA
SetUnhandledExceptionFilter
EnumResourceTypesA
WriteProfileStringA
lstrcpyA
GetPrivateProfileSectionA
GetCurrentProcessId
SetErrorMode
GetTickCount
LoadLibraryExA
IsSystemResumeAutomatic
GetFileAttributesA
GetProfileStringA
GetPrivateProfileSectionNamesA
GetCommandLineA
TerminateProcess
CreateFileA
lstrcpynA

shell32

SHIsFileAvailableOffline
SHBrowseForFolderA
ShellExecuteExA
SHGetFileInfoA
SHGetPathFromIDListA
DragAcceptFiles
Shell_NotifyIconA

version

GetFileVersionInfoA

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ