95d4240635d0f9968e58f3df1c5a2ea8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95d4240635d0f9968e58f3df1c5a2ea8_JaffaCakes118
Size

171KB
MD5

95d4240635d0f9968e58f3df1c5a2ea8
SHA1

73a62cad64d16d78f0c076aab1a9eeeff1a22977
SHA256

964487f0f50b10a2b94041d531ad18c29f8c31a65bececbeb99ad0905939d36e
SHA512

d6981571ca60329c0e1ff870258044f44d87a04ef1d89bed50ac4909d2b4c8fa995a4f9a21c565aaa968d9c78f92135eea767b6aa3e1b4e8a76e81c6bce30734
SSDEEP

3072:2FVo7DnJJaoPmxwMNnn+gpcMoNaS9cG4IACvXlxQCTWSioYJSDPLUTH:6Vo7DJQoPmxw+nlWMXS9cGTvvXlxdWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95d4240635d0f9968e58f3df1c5a2ea8_JaffaCakes118

Files

95d4240635d0f9968e58f3df1c5a2ea8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71d1babde3b1f670b3ea2a61ba9a1820

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

CommandLineToArgvW
SHFileOperationW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

ole32

CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize

comctl32

PropertySheetW

shlwapi

SHGetValueW
PathCombineW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

user32

CreateCursor
DestroyWindow
GetDC
ReleaseDC
PostMessageW
SetWindowLongW
LoadIconW
PostQuitMessage
GetDlgCtrlID
GetFocus
GetWindowModuleFileNameW
IsWindow
SetWindowTextW
IsDlgButtonChecked
MsgWaitForMultipleObjects

kernel32

WriteConsoleInputVDMA
SearchPathW
GetProcessHandleCount
MoveFileW
EnumResourceNamesA
FreeEnvironmentStringsW
CompareFileTime
GetFullPathNameW
GetShortPathNameW
SetFileTime

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ