Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_afda4e86aec193264031054ce220a488.exe
Resource: win7-20240729-en
General
Target: JaffaCakes118_afda4e86aec193264031054ce220a488
Size: 164KB
MD5: afda4e86aec193264031054ce220a488
SHA1: e509b45d8262cfc6e2d636c41db4ac02ba85054f
SHA256: 1d6ffa1e76aaa12880cf4f35a5ec80234497d75337734635adcf811e2b40fc48
SHA512: e5d9bce8514d28e9fad7ec56cd357d6cf2de177ad60d4445a11f5e6b6c18476cf4685dc5086c3133f608127d1d3bdcff4367b7fff3c4cb5aab954bf3b12c3205
SSDEEP: 3072:FdJc5HBhuz3BQgObFi4L2rcbqGJwEm1HxU37RcmOg87F5XG3O65bzwT:HJnbBQg2MrjGJwErVfOg8J5XeP53wT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_afda4e86aec193264031054ce220a488
Files
JaffaCakes118_afda4e86aec193264031054ce220a488.exe windows:4 windows x86 arch:x86
c5538e421b7dc3cf2b05b81a746dbc69
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalSize
MultiByteToWideChar
InitializeCriticalSection
GetAtomNameA
FindClose
GetPrivateProfileIntW
GetProcAddress
GetVersionExW
GetTickCount
FindFirstFileW
DeleteCriticalSection
LoadLibraryW
FreeLibrary
Sleep
EnumResourceTypesW
LoadLibraryA
LockResource
LoadResource
GetModuleHandleW
GetModuleFileNameW
GetPrivateProfileStringW
GetDllDirectoryW
WritePrivateProfileStringW
GetVersionExA
lstrlenW
MulDiv
GetLocaleInfoW
ole32
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
shell32
DllGetVersion
SHBrowseForFolderA
SHFileOperationW
CommandLineToArgvW
SHGetPathFromIDListA
ShellExecuteW
ShellExecuteExA
SHGetFileInfoA
ShellExecuteExW
Shell_NotifyIconA
Sections
.text Size: 73KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 401KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ