07ff4b03d9d0ae902bb2f66b05a4944b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07ff4b03d9d0ae902bb2f66b05a4944b_JaffaCakes118
Size

55KB
MD5

07ff4b03d9d0ae902bb2f66b05a4944b
SHA1

876069c74ba20ca50722c82c774fbeaa1a553c73
SHA256

2717e17eb2f113ff785becde88940824ea1ceb91ee093bc2a0eeb41a82da030a
SHA512

982914c3ccfb64b20301b0e590d7d7143be4e002eef38b6a4bafc200d43f7c8d8f9580b9ada14e61658f2bc45ddf20e089c423f729b947e62640fc5f504b8adb
SSDEEP

1536:jf4kpcR2nrd5AR8qGQb1g6PgEbhIwso/M9:74kRca5Qb1XPFhIwB09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ff4b03d9d0ae902bb2f66b05a4944b_JaffaCakes118

Files

07ff4b03d9d0ae902bb2f66b05a4944b_JaffaCakes118
.exe windows:17070 windows x86 arch:x86

fdf2568376d2ee54e7f35af09ac8ca40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitializeSecurityDescriptor
RegDeleteValueW
OpenThreadToken
RegCreateKeyExA

shell32

DragAcceptFiles
CommandLineToArgvW
SHGetMalloc
DragFinish
SHGetFolderPathW
CommandLineToArgvW

kernel32

LocalFree
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetModuleFileNameA
WaitForSingleObject
ExitProcess
VirtualAlloc
GetModuleHandleA
GetModuleHandleA
MultiByteToWideChar
QueryPerformanceCounter
WaitForSingleObject
GetModuleHandleW
GetModuleHandleW
GetModuleHandleW
GetCurrentThreadId
GetProcessHeap
WaitForSingleObject
LoadLibraryA
GetACP
VirtualAlloc

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetTextColor
SetBkMode

user32

GetMessageW
CreateWindowExW
LoadStringW
DestroyWindow
GetMessageW
LoadStringW
GetDlgItem
ReleaseDC
LoadIconW
GetDC
ShowWindow
GetMessageW
LoadStringW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ