JaffaCakes118_aaef7fd20c151a51263286b2fbcdabca | Triage

Sharing

General

Target

JaffaCakes118_aaef7fd20c151a51263286b2fbcdabca
Size

195KB
MD5

aaef7fd20c151a51263286b2fbcdabca
SHA1

2b9ff1fb63f440d02fe4d572ce9c1eb7a3c17ce1
SHA256

2f17bb1742217a5bc0fe0d89044c4241f382bc56c2995fa319f94a08798afcd9
SHA512

93ce7971dd68f5e4c7eb0f745daa559c409f2f3e0b8bf9e30e808d334f19ef2dad0707ef7443d93f9263cd7743cfcf1e334400366e5420602cdf725c95ddbf5e
SSDEEP

3072:EUVfW7yjVxXgXC3Xhq8OgbX2++2gX3mchQneB9FjycwO65uky3yJqdRh0e+9lpcj:ET+XgYXhq8OgTt+bn5vPFPk2dftwj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_aaef7fd20c151a51263286b2fbcdabca

Files

JaffaCakes118_aaef7fd20c151a51263286b2fbcdabca
.exe windows:4 windows x86 arch:x86

5d517d5a52be63c9b5cb30865f88cce9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetPathFromIDListA

rpcrt4

NdrComplexArrayFree
UuidCreate

kernel32

GlobalAlloc
FindClose
FlushInstructionCache
WaitForSingleObject
GetWindowsDirectoryA
LoadLibraryExA
GetExitCodeProcess
WritePrivateProfileStringA
FreeLibrary
MultiByteToWideChar
EnumResourceNamesW
GetPrivateProfileStringA
FindNextFileA
SetFilePointer
ReadFile
GetModuleHandleA
GetProcAddress
SetupComm
MulDiv
DeleteFileA
FindFirstFileA
WriteFile
GlobalFree

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ