3e69175957a3870e57a0c5425666f66f_JaffaCakes118 | Triage

Sharing

General

Target

3e69175957a3870e57a0c5425666f66f_JaffaCakes118
Size

169KB
MD5

3e69175957a3870e57a0c5425666f66f
SHA1

8a2cf0846c575d2f460f3eb0c51f127a493601db
SHA256

62a37e22fdd3163e260ad6cda25939eb241e95965fc16e005b5f4487e23abbf6
SHA512

c1287b960ec3ade13e0d7659568ef29a432cd165be5e3b04a47acca054153588036c86b4ad11db886f883aee83e9323c74aacec7151b2931cdf074fccea9c814
SSDEEP

3072:re0JP0qZihE4htlkGJSwIc5SXdJmp3UEWZ7e2bWN5N+SKQ4f3k1iVTk:reyP0VwGk3lOpjnoSKFUek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e69175957a3870e57a0c5425666f66f_JaffaCakes118

Files

3e69175957a3870e57a0c5425666f66f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

075ce29b5385004f96af05cf02129797

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetWindowLongW
IsDlgButtonChecked
SetWindowTextW
PostQuitMessage
LoadIconW
GetDlgCtrlID
ReleaseDC
CreateCursor
IsWindowEnabled
PostMessageW
GetFocus
GetDC
IsWindow
DestroyWindow
MsgWaitForMultipleObjects

shlwapi

PathCombineW
PathAppendW
PathRemoveFileSpecW
SHGetValueW
PathFileExistsW

kernel32

FillConsoleOutputAttribute
CompareFileTime
GetProcessPriorityBoost
GetShortPathNameW
EnumResourceNamesW
FreeEnvironmentStringsW
GetFullPathNameW
MoveFileW
SearchPathW
SetFileTime

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
SHFileOperationW
ShellExecuteExW

comctl32

PropertySheetW

ole32

CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
CoInitialize

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ