JaffaCakes118_1e0635b14f16cb89ecd8d17fb7625dc3 | Triage

Sharing

General

Target

JaffaCakes118_1e0635b14f16cb89ecd8d17fb7625dc3
Size

273KB
MD5

1e0635b14f16cb89ecd8d17fb7625dc3
SHA1

0a3ad6062ee0a6e2d36a50420544da2cc8799d46
SHA256

09f7f214039ffc8529bfc04f1e53384cfb7adc697b74e44c8d9b203eef7c3bde
SHA512

ba659cd85d4bd3734b7ec4023c6e9b68a78337ff729213f7472fc5b1470276977b5f14c5ed520996f44c003363b7c36964cd9798b1a98ce4ab6384bad97b1f75
SSDEEP

6144:mRbYIgvJYh2VNRS0SY17RLlcezaDb93WMYUmXBWsImZRbYV:eYIgvJ7zRS0X17RZWDR3tYUmjP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1e0635b14f16cb89ecd8d17fb7625dc3

Files

JaffaCakes118_1e0635b14f16cb89ecd8d17fb7625dc3
.exe windows:4 windows x86 arch:x86

865c47ca24e480f915e3637c2c22f1c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
MulDiv
LoadLibraryW
GetModuleFileNameW
GetPrivateProfileStringW
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
GetPrivateProfileIntW
LoadLibraryA
lstrlenW
FreeLibrary
EnumResourceTypesA
LoadResource
WritePrivateProfileStringW
GetTickCount
FindClose
Sleep
FindFirstFileW
MultiByteToWideChar
GetDllDirectoryW
LockResource
GetProcAddress
GlobalSize
GetVersionExW
GetVersionExA
GetLocaleInfoW

shell32

DllGetVersion
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderA
ShellExecuteW
ShellExecuteExA
SHGetFileInfoA
SHFileOperationW
SHGetPathFromIDListA
CommandLineToArgvW
Shell_NotifyIconA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ