74e4c817f8f67a151fea009303f0ce8c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74e4c817f8f67a151fea009303f0ce8c_JaffaCakes118
Size

141KB
MD5

74e4c817f8f67a151fea009303f0ce8c
SHA1

1f38dea13c1f2e7a726b2e905cca5cd004fe3dbe
SHA256

71eb8834230c81a147911f946d493dd81af2ef41a0d7f23663ab67a6a0c3d355
SHA512

028931f5064aca0f4023229e2c30771424d08ceb1fcc22c4947f008471f0b8f23bf255d2aca5d91878db2b444266ba961c50b993fd6ac3e2c8a709a3edf6b9c1
SSDEEP

3072:4WrEThTWdKUI3f+oon77VBogHhfWrLFDL0RZoF3:0PUI3fQnLtHUrLFDL0RWF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74e4c817f8f67a151fea009303f0ce8c_JaffaCakes118

Files

74e4c817f8f67a151fea009303f0ce8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45f69def3b310af270601a36c9cde23f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
FindFirstFileW
FlushFileBuffers
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileSize
GetLocaleInfoA
GetSystemDirectoryW
GetSystemTime
GetTempFileNameA
InterlockedExchange
LeaveCriticalSection
LocalFileTimeToFileTime
SetFilePointer
SizeofResource
WaitForMultipleObjects
lstrlenW

user32

BeginPaint
CallWindowProcA
GetDesktopWindow
GetDlgItem
GetSubMenu
GetSystemMetrics
IsWindow

gdi32

CreateDIBitmap
GetStockObject
LineTo

shell32

DragQueryFile
DragQueryPoint
FindExecutableW
SHGetFolderPathW
SHGetPathFromIDListA
SHGetSettings
ShellExecuteA
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
InitCommonControlsEx
PropertySheetW

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ