2fc4a8ba77a8e605727abd20b5ad2cee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fc4a8ba77a8e605727abd20b5ad2cee_JaffaCakes118
Size

159KB
MD5

2fc4a8ba77a8e605727abd20b5ad2cee
SHA1

8408950ef20420319c195a3bdf3182bb2ee881ab
SHA256

c9603f4b4460c4ef5bb6baf73ddb90932106c6f78c0164a3f07df71f2aa938b8
SHA512

71b7a66d50f8b55ca76affb78f89e88ee01f6a7da89a5de94f2fd561aae57df9a62f3cf69bf596dcc4fdce8b036bc60441e809b45de47c96c7cc8abd3d20455a
SSDEEP

3072:EgJZlqmpclNkzlkXX1nkFHHtnfBe3Fr7+1zE/u8iav8Jna/cPz7:EgpqlNKFndBof0zRQvKnRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fc4a8ba77a8e605727abd20b5ad2cee_JaffaCakes118

Files

2fc4a8ba77a8e605727abd20b5ad2cee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f6b201fede215dc69ebf154a3a8e134

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetFocus
IsWindow
LoadIconW
PostQuitMessage
IsDlgButtonChecked
IsWindowEnabled
PostMessageW
GetDC
SetWindowTextW
ReleaseDC
GetDlgCtrlID
CreateCursor
SetWindowLongW
DestroyWindow
MsgWaitForMultipleObjects

shlwapi

PathAppendW
SHGetValueW
PathRemoveFileSpecW
PathCombineW
PathFileExistsW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoTaskMemAlloc
CoInitialize

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

RegisterConsoleVDM
GetFullPathNameW
GetProcessHandleCount
GetShortPathNameW
EnumResourceNamesA
FreeEnvironmentStringsW
SearchPathW
CompareFileTime
MoveFileW
SetFileTime

shell32

CommandLineToArgvW
ShellExecuteW
SHFileOperationW
SHGetFolderPathW
ShellExecuteExW

comctl32

PropertySheetW

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ