43dd4168fb520e52c9dd0bd450784cc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43dd4168fb520e52c9dd0bd450784cc0_JaffaCakes118
Size

151KB
MD5

43dd4168fb520e52c9dd0bd450784cc0
SHA1

975f8ea799e4ff979679598ff818cf5b98b9c2d8
SHA256

a5e2bca6b71405218e8dfe7b7da42edb27f999beafc6c48d34c7f2bfeb9bdb11
SHA512

37c32043048a5af73b9511a6d11fa57c2ea9fcbafbd0282ab354405c11f817b06e7824ec6cc4c7522a9ff4737343a78521d199ff0fdf39e2f563146b7a9f6ec7
SSDEEP

3072:ymXCrenfD4Wdh6YxLLAoxGScMqqdsm+sl0JksPFE61AVFAG:yy90G0GLMoxGSVqQSksPFEDVO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43dd4168fb520e52c9dd0bd450784cc0_JaffaCakes118

Files

43dd4168fb520e52c9dd0bd450784cc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4cccf6427dddf80c9b5c5819ac0e6e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHFileOperationW
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW

shlwapi

SHGetValueW
PathAppendW
PathRemoveFileSpecW
PathCombineW
PathFileExistsW

comctl32

PropertySheetW

ole32

CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CoInitialize

user32

CreateCursor
GetDC
SetWindowTextW
IsWindowEnabled
LoadIconW
IsDlgButtonChecked
PostMessageW
SetWindowLongW
DestroyWindow
ReleaseDC
GetFocus
PostQuitMessage
IsWindow
GetDlgCtrlID
MsgWaitForMultipleObjects

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

FillConsoleOutputAttribute
SearchPathW
GetProcessPriorityBoost
GetFullPathNameW
EnumResourceNamesW
FreeEnvironmentStringsW
MoveFileW
CompareFileTime
GetShortPathNameW
SetFileTime

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ