JaffaCakes118_f843a82e405e34c62bfa2af47f4ee17c | Triage

Sharing

General

Target

JaffaCakes118_f843a82e405e34c62bfa2af47f4ee17c
Size

180KB
MD5

f843a82e405e34c62bfa2af47f4ee17c
SHA1

786e94810cdfb43c9dc86d890a056e80e9c08a19
SHA256

21cc5b476fe27fbe9105e4e44ee354c768afed0a828e18a384095501405fc889
SHA512

96a711c4476782049d924f6523efc605ef1f34603a5212672e715680a6e0440a5fdc305d8614796f8e6a0861795ddaa48f03d2d07745f6ca4108302585458d79
SSDEEP

3072:E+2BoZZVHE4oyNruTioUow7K7c8lL8Yl52kLrGn9y+AxC4Cjwotwc:E9UZBEmNQiVvetlxrG0pMnjw6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_f843a82e405e34c62bfa2af47f4ee17c

Files

JaffaCakes118_f843a82e405e34c62bfa2af47f4ee17c
.exe windows:4 windows x86 arch:x86

3f4eed3bec83be95d441962cf4605d4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GlobalGetAtomNameA
GetPrivateProfileIntA
GetFileAttributesA
CreateFileA
FindResourceA
GetPrivateProfileSectionNamesA
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcessId
GetTickCount
LocalAlloc
WritePrivateProfileStringA
LoadResource
EnumResourceTypesA
TerminateProcess
WriteProfileStringA
IsDBCSLeadByte
lstrcatA
CreateDirectoryA
GetCommandLineA
GetModuleFileNameA
GetProcessTimes
GetProfileStringA
IsSystemResumeAutomatic
GetPrivateProfileStringA
LoadLibraryExA
FormatMessageA
lstrcpyA
GetPrivateProfileSectionA
lstrcpynA

version

GetFileVersionInfoA

shell32

SHIsFileAvailableOffline
SHBrowseForFolderA
ShellExecuteExA
DragAcceptFiles
SHGetPathFromIDListA
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ