447b0d7062349742d782a83e4e2c5842_JaffaCakes118 | Triage

Sharing

General

Target

447b0d7062349742d782a83e4e2c5842_JaffaCakes118
Size

152KB
MD5

447b0d7062349742d782a83e4e2c5842
SHA1

35d0560817e77f59387d8641721a0ce12e2804d5
SHA256

922b8a1d77d3393337a5ebdd3bf07a042f905577dc92489ca10f95adc5b82827
SHA512

146834618044a030a6270cdfff46f9181666e863c7d2aa584a0c841d4c9a0da45721c4e35b01be3d79d74278c7a905da2d8a3ec5089ae1166a1c19b0c2f5e809
SSDEEP

3072:UZ6VnU7hU0uHYViWzmkLvI1Tjj8p8UqM+3Z4+zL+1OCb+It:RnU7G3Ai2MNk+BeM6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
447b0d7062349742d782a83e4e2c5842_JaffaCakes118

Files

447b0d7062349742d782a83e4e2c5842_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92cfdd3ea18d28c7690645fc63e9c70d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

PropertySheetW

user32

SetWindowLongW
SetWindowTextW
GetFocus
GetDlgCtrlID
GetDC
ReleaseDC
IsWindow
LoadIconW
DestroyWindow
CreateCursor
PostMessageW
GetWindowModuleFileNameW
IsDlgButtonChecked
PostQuitMessage
MsgWaitForMultipleObjects

kernel32

WriteConsoleInputVDMA
CompareFileTime
GetProcessHandleCount
GetFullPathNameW
EnumResourceNamesA
FreeEnvironmentStringsW
GetShortPathNameW
SearchPathW
MoveFileW
SetFileTime

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
SHFileOperationW
ShellExecuteExW

shlwapi

PathRemoveFileSpecW
PathAppendW
SHGetValueW
PathCombineW
PathFileExistsW

ole32

CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CoInitialize

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ