70d27ca0f19f29d111ba060147e8c0f2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70d27ca0f19f29d111ba060147e8c0f2_JaffaCakes118
Size

181KB
MD5

70d27ca0f19f29d111ba060147e8c0f2
SHA1

0565a6157e8492404ab1b33e5bc3b57ea6885e43
SHA256

eee6cac42dbdf5a8ae3add0d3566ca80e211c6873edb3ddb3e15aa522163ed00
SHA512

a1a97d547428027f1155eb666cad231b539f8dbb371d3553c9a8568386c60a06073b23a5bf85939bfbc0fe498de0e8eb8047a713e9e122d1851d30d48acaa4e5
SSDEEP

3072:v/7NdblgVH9B5Cxa+krjGOh9E4vkMHOI9uL01ASk+DWkaKHWhC0B42HcH59:v/7nBqH8xa+ROh24rHOquLsHbx0BNHA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70d27ca0f19f29d111ba060147e8c0f2_JaffaCakes118

Files

70d27ca0f19f29d111ba060147e8c0f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c54ac2b5da9019efb622ea251f6b9a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dciman32

DCIBeginAccess

shlwapi

SHRegCloseUSKey
PathFindFileNameA
PathFileExistsA
PathFileExistsW
PathAddExtensionA
PathRemoveBackslashA
PathAppendA
PathAppendA

shell32

SHGetSpecialFolderPathW
SHGetFolderPathA
SHCreateDirectoryExA
SHChangeNotify
SHCreateDirectoryExW
SHGetSpecialFolderPathA

kernel32

GetModuleHandleA
EnterCriticalSection
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
GetACP
GetLastError
GetProcessVersion
FreeLibrary
GetLocaleInfoW
GetModuleFileNameA
ExitProcess
GetModuleHandleW
lstrlenA
LoadLibraryA
OutputDebugStringA
GetVersionExA
GetVersionExW
LeaveCriticalSection
lstrlenW
GetThreadLocale
InterlockedExchange
CreateDirectoryA

user32

GetLastActivePopup
GetWindowRect
SetRect
EnumWindowStationsA
SetForegroundWindow
ShowWindow
IsIconic
GetClientRect

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE