JaffaCakes118_10956ffae06aff25f77a5bdf029ae5c1 | Triage

Sharing

General

Target

JaffaCakes118_10956ffae06aff25f77a5bdf029ae5c1
Size

275KB
MD5

10956ffae06aff25f77a5bdf029ae5c1
SHA1

28149501bd3a7676fd34595cf1367007f3a05228
SHA256

61c620c11457e86a8ac7fcb265b9cae112746a508607b1ace5e6f97838140b44
SHA512

0947314b8ebf408bf77c68e785ae74103727c4c7f38a1af8ef882cecfb3daa638823d50b70fd29b40e6e925d80c0de0b4c477bb76ccca3e8b182fe54574da431
SSDEEP

6144:rhV5Vs/98YyeGpfqxQV+qc1tLw3UmnB+6xR+2+jZ317rb:1V7jeGpCyi1tLwUmBhX+jZ3Fb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_10956ffae06aff25f77a5bdf029ae5c1

Files

JaffaCakes118_10956ffae06aff25f77a5bdf029ae5c1
.exe windows:4 windows x86 arch:x86

56bd0a9b3ef9ab2bfc7cd451dd079dd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
WritePrivateProfileStringW
GetModuleHandleW
GlobalGetAtomNameA
Sleep
InitializeCriticalSection
GetTickCount
GetVersionExW
FreeLibrary
DeleteCriticalSection
MultiByteToWideChar
LoadLibraryA
LoadResource
GetPrivateProfileStringW
GetProcAddress
EnumResourceTypesA
LoadLibraryW
GetModuleFileNameW
FindClose
FindFirstFileW
MulDiv
GetDllDirectoryW
lstrlenW
GlobalSize
LockResource
GetVersionExA
GetLocaleInfoW

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

DllGetVersion
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteW
SHFileOperationW
ShellExecuteExA
Shell_NotifyIconA

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ