JaffaCakes118_9ec6fc94432fa78a7585004d03eceabf | Triage

Sharing

General

Target

JaffaCakes118_9ec6fc94432fa78a7585004d03eceabf
Size

180KB
MD5

9ec6fc94432fa78a7585004d03eceabf
SHA1

d739dab40b405822b4b89ab2ca208731b354f30a
SHA256

292c20d20889ba64ce3cdbdbb5467786f9ae807e2606aa4a14ec0dbf4c741639
SHA512

80bef760aba69cf9b81910a2e10cc5deb44d36501877176d1dc23d43f854c89bdee0b19cac2a2c98197eb3306ec5fa5e4b406ea83bf9c1fbb200b89a89114ab6
SSDEEP

3072:dklnqbpEekz2+pU1LnJAKd5gG8WrjFP0GBLFO4DTgEhtSKJylxq:dInYpEeg2+q1LnJAufgEcKIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9ec6fc94432fa78a7585004d03eceabf

Files

JaffaCakes118_9ec6fc94432fa78a7585004d03eceabf
.exe windows:4 windows x86 arch:x86

db47d791ded52bc4bcb93ef1f8c9e758

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GlobalGetAtomNameA
GetModuleHandleW
MulDiv
GetVersionExW
FindClose
DeleteCriticalSection
FreeLibrary
LoadLibraryA
LoadResource
LockResource
GetPrivateProfileStringW
MultiByteToWideChar
GlobalSize
lstrlenW
EnumResourceTypesW
GetModuleFileNameW
GetCPInfo
FindFirstFileW
GetTickCount
LoadLibraryW
InitializeCriticalSection
WritePrivateProfileStringW
GetProcAddress
GetPrivateProfileIntW
GetVersionExA
GetLocaleInfoW

shell32

DllGetVersion
SHGetFileInfoA
SHGetFolderPathW
ShellExecuteW
SHFileOperationW
CommandLineToArgvW
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteExW
SHBrowseForFolderA
Shell_NotifyIconA

wininet

HttpOpenRequestA
HttpSendRequestA
InternetErrorDlg
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetCrackUrlA
InternetConnectA
InternetTimeToSystemTime
InternetTimeFromSystemTime

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ