74679db4d0d5aeddcac74e5ea3e6232e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74679db4d0d5aeddcac74e5ea3e6232e_JaffaCakes118
Size

171KB
MD5

74679db4d0d5aeddcac74e5ea3e6232e
SHA1

f2d688efa8bcc2a0b12bb96cf05044108519b073
SHA256

9446941f46e2c94731ef32f2d68737623b03772fc6254df2cb66719c4868648d
SHA512

80eb7b9691397759f014eb06057a034a497c82864f26a779bc6f65a033f7ab22efa2935491491fd739cd524010888f827b7e3bd420370be5d04d1f5b45b2f556
SSDEEP

3072:czm2XMkovrf6AmNvJmn+Ln2LuBUwYJNvm1Zy/Fyj/zxvn57in62tLcP3W8op:czbMk0ryAUU+KSBHgM1ZeyH7i99L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74679db4d0d5aeddcac74e5ea3e6232e_JaffaCakes118

Files

74679db4d0d5aeddcac74e5ea3e6232e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30177283b1f3adafe444cf37a65980c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

PropertySheetW

user32

DestroyWindow
GetDC
GetDlgCtrlID
IsWindow
GetFocus
PostMessageW
PostQuitMessage
SetWindowTextW
CreateCursor
IsDlgButtonChecked
ReleaseDC
SetWindowLongW
LoadIconW
GetWindowModuleFileNameW
MsgWaitForMultipleObjects

ole32

CoTaskMemAlloc
CoInitializeEx
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

kernel32

RegisterConsoleVDM
SearchPathW
GetProcessHandleCount
MoveFileW
EnumResourceNamesA
FreeEnvironmentStringsW
GetFullPathNameW
GetShortPathNameW
CompareFileTime
SetFileTime

shlwapi

PathAppendW
PathCombineW
PathRemoveFileSpecW
SHGetValueW
PathFileExistsW

shell32

ShellExecuteW
CommandLineToArgvW
SHFileOperationW
SHGetFolderPathW
ShellExecuteExW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ