4ac89ce2a7608a97228d63d98fb2ae8f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ac89ce2a7608a97228d63d98fb2ae8f_JaffaCakes118
Size

159KB
MD5

4ac89ce2a7608a97228d63d98fb2ae8f
SHA1

ad1bfd38b93ab9bfab08a90cc46324baeb7946ee
SHA256

1ef65dc2ba9f9a97fce03830dd9ee62dbbad17eec472b10e5cd17d575c2a5269
SHA512

6e4f8a2bcadc3bc391373d1f95dae62947b109f2dd4c25e2e49248c894aa5b5fe8916f0749255c3402327579d4b63bb5d5d7e846b6d044167e546e51b115b70f
SSDEEP

3072:VbN0QyIB89HXM01K7XlvvR57hmpd6YPFZmQ4O1xyJEtIp+jP4ncE:BN0QfSRXPQX7hmpdNNssME6p0P4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ac89ce2a7608a97228d63d98fb2ae8f_JaffaCakes118

Files

4ac89ce2a7608a97228d63d98fb2ae8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da1533d23b6f57afbf066a749c3bbb6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetFolderPathW
SHFileOperationW
ShellExecuteW
CommandLineToArgvW
ShellExecuteExW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoInitializeEx
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

shlwapi

SHGetValueW
PathRemoveFileSpecW
PathAppendW
PathCombineW
PathFileExistsW

comctl32

PropertySheetW

kernel32

RegisterConsoleVDM
GetShortPathNameW
GetProcessHandleCount
CompareFileTime
EnumResourceNamesA
FreeEnvironmentStringsW
SearchPathW
MoveFileW
GetFullPathNameW
SetFileTime

user32

GetFocus
GetDC
IsDlgButtonChecked
ReleaseDC
PostQuitMessage
DestroyWindow
SetWindowLongW
PostMessageW
GetDlgCtrlID
SetWindowTextW
LoadIconW
GetWindowModuleFileNameW
IsWindow
CreateCursor
MsgWaitForMultipleObjects

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ