67997f8b2b7efed137fa70fc400c00d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67997f8b2b7efed137fa70fc400c00d2_JaffaCakes118
Size

153KB
MD5

67997f8b2b7efed137fa70fc400c00d2
SHA1

84120ea2985d3008d80d22975b2f7d5a9f868ed1
SHA256

f8b8c193563bec712c9735f110a603243d08cee423d6be2146a4048bb5f22d14
SHA512

77a0498960e6495a265b326f80d2461666147212f97487c2c6d5ecaaa423f327aa17848b2697b15681ce810532a92bcf5902645fdb7d97bf18c145324a0c3ffc
SSDEEP

3072:pjZRpm6jatPjkz6EeZOA1XGfs7iK9RxSol0YNO+3JKYWa0X0xM:plRpLjaRYbA1XGfMBgole+3IYCX0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67997f8b2b7efed137fa70fc400c00d2_JaffaCakes118

Files

67997f8b2b7efed137fa70fc400c00d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abd1feac1ada2730e48779ad2ee4e7fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FillConsoleOutputAttribute
MoveFileW
GetProcessPriorityBoost
CompareFileTime
EnumResourceNamesW
FreeEnvironmentStringsW
GetFullPathNameW
GetShortPathNameW
SearchPathW
SetFileTime

shlwapi

PathRemoveFileSpecW
PathCombineW
PathAppendW
SHGetValueW
PathFileExistsW

comctl32

PropertySheetW

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

CommandLineToArgvW
SHFileOperationW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

user32

PostMessageW
GetFocus
ReleaseDC
IsWindow
CreateCursor
GetDlgCtrlID
LoadIconW
SetWindowLongW
GetDC
PostQuitMessage
DestroyWindow
SetWindowTextW
IsWindowEnabled
IsDlgButtonChecked
MsgWaitForMultipleObjects

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ