3ce34cd6be31ffd7f165700ebe220c07_JaffaCakes118 | Triage

Sharing

General

Target

3ce34cd6be31ffd7f165700ebe220c07_JaffaCakes118
Size

162KB
MD5

3ce34cd6be31ffd7f165700ebe220c07
SHA1

b5a9821960bc63957ce2855562d7a4524ef04371
SHA256

04bc88ddbbf3d087002c780ed47cbcf5b3176c26d266e3a56870c3de47a6f08f
SHA512

1ccaa2e25b664a3bc92ae6b3d6643c4fbb1ff1c3035e9208503bff9ef9a759a624e8a8611c0afc45daa9e0e6c7f58e2e28ffa1b225f91f2b38d73efd667856fd
SSDEEP

3072:AHOef1VXAuD1fY8Z6iLMDzK5YMwF9fCUFgvYrrsnTFADdWdvdpa80DSCegqTX:AHOesu1S+MqyMwFRCUFUYroeDdK+fpeV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ce34cd6be31ffd7f165700ebe220c07_JaffaCakes118

Files

3ce34cd6be31ffd7f165700ebe220c07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43186bedd83ae9ce3b0233b29bc4f323

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

RegisterConsoleVDM
MoveFileW
GetProcessHandleCount
GetShortPathNameW
EnumResourceNamesA
FreeEnvironmentStringsW
SearchPathW
CompareFileTime
GetFullPathNameW
SetFileTime

shell32

SHFileOperationW
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW

shlwapi

PathAppendW
PathRemoveFileSpecW
PathCombineW
SHGetValueW
PathFileExistsW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoInitialize

user32

GetWindowModuleFileNameW
ReleaseDC
CreateCursor
IsWindow
GetDlgCtrlID
GetDC
PostMessageW
SetWindowTextW
GetFocus
IsDlgButtonChecked
SetWindowLongW
LoadIconW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjects

comctl32

PropertySheetW

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ