f300d490e2e64fff73aca6f51f3ea7e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f300d490e2e64fff73aca6f51f3ea7e7_JaffaCakes118
Size

153KB
MD5

f300d490e2e64fff73aca6f51f3ea7e7
SHA1

9b5dc7cc28676768dd2b76739e3dadf9b91c8bc7
SHA256

e6ff1729df38933095ca28e6513e6e25d7683d9f2fe175a533d4bf405d891ae4
SHA512

2384578a3889d4958812e442140598c92961244f895c0ee2a5a48bcf195dcd5677bb663950242ee08f2ba86f43f577e72f2714974623a99b31dbfbac7d92875f
SSDEEP

3072:jUmpNBOhH1IE1n43Sa+yQzhYcRWu1ryubEagzQ8Sg4wz0RvsEN7V1:jUABcGT+pYc0u1fbVg4wz0RvsEdV1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f300d490e2e64fff73aca6f51f3ea7e7_JaffaCakes118

Files

f300d490e2e64fff73aca6f51f3ea7e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

032d3176cb43fa694e4f5d715827212c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

comctl32

PropertySheetW

ole32

CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize

shell32

CommandLineToArgvW
SHFileOperationW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

kernel32

WriteConsoleInputVDMA
MoveFileW
GetProcessHandleCount
GetShortPathNameW
EnumResourceNamesA
FreeEnvironmentStringsW
GetFullPathNameW
CompareFileTime
SearchPathW
SetFileTime

user32

CreateCursor
GetWindowModuleFileNameW
SetWindowTextW
GetDC
IsWindow
SetWindowLongW
GetFocus
PostMessageW
PostQuitMessage
DestroyWindow
LoadIconW
IsDlgButtonChecked
ReleaseDC
GetDlgCtrlID
MsgWaitForMultipleObjects

shlwapi

PathCombineW
SHGetValueW
PathRemoveFileSpecW
PathAppendW
PathFileExistsW

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ