48276d2a6891b5170a4d39b0d7ae8a38_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48276d2a6891b5170a4d39b0d7ae8a38_JaffaCakes118
Size

158KB
MD5

48276d2a6891b5170a4d39b0d7ae8a38
SHA1

b00da1a9c16f995bcca5ca8c7a1cf243e45c1db7
SHA256

1955520d79790bef270c8d19f7efd6c381fb8f086eb22cccfaf9356176300f48
SHA512

c51819d74f645ed58860eec925a008e308913f9e912b5554c5e779adc0fe05693a3e6fcb7e8924cef979b0ad7f205f67f9c1ef9dc5b10d843e1199f0ebc667c8
SSDEEP

3072:uK8c3cLmJjfST1Ku4heXwjO2VPA7kJpsIFMUAz:uK8scL51KVTjO2VPQQpsIFQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48276d2a6891b5170a4d39b0d7ae8a38_JaffaCakes118

Files

48276d2a6891b5170a4d39b0d7ae8a38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81ddcca013f99a5ff6f90a2e7276a521

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FillConsoleOutputAttribute
GetFullPathNameW
GetProcessPriorityBoost
CompareFileTime
EnumResourceNamesW
FreeEnvironmentStringsW
SearchPathW
MoveFileW
GetShortPathNameW
SetFileTime

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW
ShellExecuteExW

comctl32

PropertySheetW

user32

IsDlgButtonChecked
IsWindow
IsWindowEnabled
PostMessageW
CreateCursor
GetDC
GetFocus
GetDlgCtrlID
SetWindowLongW
LoadIconW
DestroyWindow
ReleaseDC
PostQuitMessage
SetWindowTextW
MsgWaitForMultipleObjects

ole32

CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoUninitialize
CoInitialize

shlwapi

PathRemoveFileSpecW
PathCombineW
PathAppendW
SHGetValueW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ