JaffaCakes118_ac336be0084400b8449911f3c6134816 | Triage

Sharing

General

Target

JaffaCakes118_ac336be0084400b8449911f3c6134816
Size

165KB
MD5

ac336be0084400b8449911f3c6134816
SHA1

9cbe8899e8de4b8838bf85b59d9ac15437b3c9ae
SHA256

19afa28fa0ee6586c94f8f14b074199e42ddb2179ca50be1372ad6a5fced3663
SHA512

e4181f207d7fcae1f6996658ef451a6ff70ae9dcc984ba260254d092d4a4d206e059fa6fdbab507aa57755cc9de54f1ca75e5d3de1b7fc653acb550bc4cd0e64
SSDEEP

3072:ny0BNkzJWZFnBTb9d0o11UQEN7aKwhQG0zdwC4ScD6lToVnWWtBGoEdIKDo2RA/B:ny0jkF4n19d0o/ENdOfad8hDEQ5tkfIj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_ac336be0084400b8449911f3c6134816

Files

JaffaCakes118_ac336be0084400b8449911f3c6134816
.exe windows:4 windows x86 arch:x86

44a284ecb6027e1ac589eca6329b4bd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetVersionExW
GetProcAddress
LockResource
GetPrivateProfileStringW
GetModuleFileNameW
LoadResource
GetPrivateProfileIntW
GlobalSize
GetModuleHandleW
GetVersionExA
WritePrivateProfileStringW
EnumResourceTypesA
GetTickCount
FindFirstFileW
LoadLibraryW
FindClose
Sleep
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
GetDllDirectoryW
FreeLibrary
MultiByteToWideChar
lstrlenW
MulDiv
GetLocaleInfoW

shell32

DllGetVersion
SHGetFileInfoA
ShellExecuteW
CommandLineToArgvW
ShellExecuteExW
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFolderPathW
SHFileOperationW
Shell_NotifyIconA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ