64834e276a9decf347d6ea40beb84e1a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64834e276a9decf347d6ea40beb84e1a_JaffaCakes118
Size

165KB
MD5

64834e276a9decf347d6ea40beb84e1a
SHA1

eb201aac8264067483503b43ed7165b26a48235a
SHA256

d43aedb1cc721e658a9838ab6e104b7ba0b69f034017c62df81643e6bd2181f7
SHA512

72b120c45b86db87e33726c6af385c81902836c748a1dfbe9470492f33d9aa6fa82ada41dc134874fdb02627945e7db55eef4573b97ca701345187a5351638d6
SSDEEP

3072:Uj8ZDA1Wj7U+BCtDUGP3esZhcZUdbbG1b26p5ta/X5NYNuC404TcfnlO/L:e8N1GGs0OG26vta/J0JZEG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64834e276a9decf347d6ea40beb84e1a_JaffaCakes118

Files

64834e276a9decf347d6ea40beb84e1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

500c31c4796ba29a35cbaeed1d849a7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

PropertySheetW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CoInitialize

kernel32

WriteConsoleInputVDMA
CompareFileTime
GetProcessHandleCount
SearchPathW
EnumResourceNamesA
FreeEnvironmentStringsW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SetFileTime

shlwapi

PathAppendW
PathRemoveFileSpecW
PathCombineW
SHGetValueW
PathFileExistsW

shell32

SHGetFolderPathW
ShellExecuteW
SHFileOperationW
CommandLineToArgvW
ShellExecuteExW

user32

ReleaseDC
IsDlgButtonChecked
PostMessageW
IsWindow
GetDC
GetDlgCtrlID
LoadIconW
SetWindowTextW
GetFocus
GetWindowModuleFileNameW
CreateCursor
DestroyWindow
SetWindowLongW
PostQuitMessage
MsgWaitForMultipleObjects

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ