2689d109b1bace5c0af7a831c0b5352c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2689d109b1bace5c0af7a831c0b5352c_JaffaCakes118
Size

151KB
MD5

2689d109b1bace5c0af7a831c0b5352c
SHA1

6f92b4c512bd6461cc0a45ddea11313cf24c3d49
SHA256

4695b5c78fed06ff204a25d9ae9ffc49e1cf672742b266da536b57ad3da630be
SHA512

a6e3dbd5703f754c46f14c22c2e62e0f294bdca9d1ff96bc6d5d0d293fb2076839e98b19dd9ec751ef503d6417bcae8e712d7d72433dd2507d19f7119481abfc
SSDEEP

3072:Ncq1qlTw2eQeHs9sgOF+xvWMuoeaep3W1jde6voPXX3N:HqlTwHpe/NZxeJqjdxoPn3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2689d109b1bace5c0af7a831c0b5352c_JaffaCakes118

Files

2689d109b1bace5c0af7a831c0b5352c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a775a2ab3816e4036eed6b0b5a601325

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleInputVDMA
GetFullPathNameW
GetProcessHandleCount
CompareFileTime
EnumResourceNamesA
FreeEnvironmentStringsW
GetShortPathNameW
MoveFileW
SearchPathW
SetFileTime

comctl32

PropertySheetW

shlwapi

PathAppendW
SHGetValueW
PathRemoveFileSpecW
PathCombineW
PathFileExistsW

user32

LoadIconW
IsDlgButtonChecked
GetDC
PostQuitMessage
DestroyWindow
PostMessageW
GetFocus
CreateCursor
SetWindowTextW
GetDlgCtrlID
SetWindowLongW
GetWindowModuleFileNameW
ReleaseDC
IsWindow
MsgWaitForMultipleObjects

ole32

CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoInitialize

shell32

CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW
ShellExecuteW
ShellExecuteExW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ