af1889002107d62dec279228b34fe606_JaffaCakes118 | Triage

Sharing

General

Target

af1889002107d62dec279228b34fe606_JaffaCakes118
Size

394KB
MD5

af1889002107d62dec279228b34fe606
SHA1

339d9fa26476990ba6e35ee3fd4e0680cacaff95
SHA256

62c063db87de24ad5ab3d470e13b49f2324b5b3cc72e7414223403056e908899
SHA512

668071fb24b5cfa2bab6a844aeef6fae217db388f22d9221b1b1a86a3b07ec663ff2c2fda2b9231b619937e2ba75fdbfa040b5be1cf8c09e13d2c438ae22a0b8
SSDEEP

3072:u957ruPK4tIvXjU7UkicPavvQzWyUTLtW+jL5oD8wIjfXkKgmEHldb8wzHwaC:4JruPK4CXjGNjavcqLtWqKDJJKgL50

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af1889002107d62dec279228b34fe606_JaffaCakes118

Files

af1889002107d62dec279228b34fe606_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7168dcdbc2b95ffc6f0da66d4669004a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDesktopWindow

advapi32

OpenServiceW

ole32

CoInitialize

shell32

ShellExecuteExW

shlwapi

PathAppendW

Sections

.MPRESS1
Size: 27KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE