JaffaCakes118_dad294cc0220656002f3bbd030d0d3ea | Triage

Sharing

General

Target

JaffaCakes118_dad294cc0220656002f3bbd030d0d3ea
Size

274KB
MD5

dad294cc0220656002f3bbd030d0d3ea
SHA1

9a6718b1e3f56fc62be414579865da418099bd14
SHA256

1dc41b4be881fc20ce71519e48251f6be1ffa776f73faac2a70ed4dcbc31be63
SHA512

27ea795744caf52ab9846cede2972d9ecadc2a15b024868a5826226159e27072477e33f472bbf232db1f05c375fc60a00962e0448503e69dc73ab574ee7e9901
SSDEEP

6144:R18u7ntij35zenYp5wiQxVQVNb89woYZ69U1SfTLB0AzQglMqBr1iW9Txz2oRcru:Lz0gnYpTu8BrZWU1Sfn6ADaW9x2oRIp5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_dad294cc0220656002f3bbd030d0d3ea

Files

JaffaCakes118_dad294cc0220656002f3bbd030d0d3ea
.exe windows:4 windows x86 arch:x86

ee7e85206923bc70fb4872b91f25bea2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
FindClose
GetPrivateProfileStringW
GlobalGetAtomNameA
Sleep
FreeLibrary
LoadLibraryW
GlobalSize
lstrlenW
FindFirstFileW
GetTickCount
LockResource
EnumResourceTypesA
GetVersionExA
InitializeCriticalSection
LoadLibraryA
MultiByteToWideChar
GetPrivateProfileIntW
WritePrivateProfileStringW
GetModuleHandleW
GetDllDirectoryW
GetProcAddress
DeleteCriticalSection
MulDiv
GetModuleFileNameW
LoadResource
GetLocaleInfoW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

shell32

DllGetVersion
ShellExecuteExA
CommandLineToArgvW
SHGetFileInfoA
ShellExecuteW
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFolderPathW
SHFileOperationW
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ