352bfcaf73a802192c9725174ba78e1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

352bfcaf73a802192c9725174ba78e1b_JaffaCakes118
Size

284KB
MD5

352bfcaf73a802192c9725174ba78e1b
SHA1

50681f3d6c331a386ca5e9a8e6f5e51092fcf617
SHA256

595af667fdc7363f536f05f06d180150410ab1fc716b94a831354c9eb0a072ae
SHA512

16e0339b5971d5f7cfaad87b14e6c67a8f5b595ca5c08284a29cc65ae6e0318e119c629ad30a5e1cb7fa1e1ab66020e597e4da3d63fbdbe146c1dc6a1aab7924
SSDEEP

6144:7k/j7GKSRB1cZN7pClNz4SfTX+X/x3OLGiEKMTBw2PrVHVPogW:Y7bo050TcMQTr3FW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
352bfcaf73a802192c9725174ba78e1b_JaffaCakes118

Files

352bfcaf73a802192c9725174ba78e1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f66d50fc08d7a505fd2d2890d073b0e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

GetAcceptLanguagesA
PathIsRelativeW
PathFindExtensionW
PathAppendW
UrlUnescapeW
PathCreateFromUrlW
PathRemoveFileSpecW
StrCmpIW
UrlCreateFromPathW
PathCombineW

oleacc

CreateStdAccessibleObject

kernel32

InterlockedCompareExchange
GetModuleHandleW
InterlockedExchange
GlobalFindAtomW
GetLocaleInfoW
GetStartupInfoA
VirtualProtect
GetCurrentThreadId
GetProcessHeap
IsDebuggerPresent
GetSystemTimeAsFileTime
EnumResourceLanguagesA
LocalAlloc
QueryPerformanceCounter
GetCurrentProcess
GetPrivateProfileSectionW
FoldStringW
SetUnhandledExceptionFilter
GetCurrentProcessId
GetTickCount
UnhandledExceptionFilter
TerminateProcess
DeleteFileW

Sections

.text
Size: 139KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ