898c67798e503b6484da8cdb5286f8fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

898c67798e503b6484da8cdb5286f8fc_JaffaCakes118
Size

153KB
MD5

898c67798e503b6484da8cdb5286f8fc
SHA1

e879da875cb15364a3566c08b82b1435192364d6
SHA256

8ff6dd71b3914486e2d535afa63c5aab93d9c2bb9181199999ec823ee3765e13
SHA512

3b440c27418c7735ac7d3aff282d6a267f850693477ad629e476d7441ccd667a180dbcb452c48bacec0e99fcd77f65a6bafdc0736d94eae7ab4ab547a795e19f
SSDEEP

3072:OYzCoWEbz2HDuvhST+lz0l+5gg7++EEnnhuRxJ0DglPQm:3OEmHX+Qugg7FnnOxJIm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
898c67798e503b6484da8cdb5286f8fc_JaffaCakes118

Files

898c67798e503b6484da8cdb5286f8fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a699aa4e01cf51fcb00109e9040191d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
SHGetValueW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

comctl32

PropertySheetW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

PostMessageW
SetWindowTextW
GetDC
IsWindow
DestroyWindow
ReleaseDC
SetWindowLongW
GetWindowModuleFileNameW
CreateCursor
IsDlgButtonChecked
PostQuitMessage
GetFocus
LoadIconW
GetDlgCtrlID
MsgWaitForMultipleObjects

kernel32

WriteConsoleInputVDMA
GetFullPathNameW
GetProcessHandleCount
SearchPathW
EnumResourceNamesA
FreeEnvironmentStringsW
MoveFileW
GetShortPathNameW
CompareFileTime
SetFileTime

shell32

SHFileOperationW
SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
ShellExecuteExW

ole32

CoTaskMemFree
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CoInitialize

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ