ac3359ddeeceb552154ff13c109e924e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac3359ddeeceb552154ff13c109e924e_JaffaCakes118
Size

49KB
MD5

ac3359ddeeceb552154ff13c109e924e
SHA1

aa8d7192a53c20a35ca2cabe21bbf56a5ed01e6c
SHA256

c0b75182b608f88011649520750bb79f821c840c76631bdc6c25665e0de77cf6
SHA512

82bc633dffd8eff2a9d9b0a3aaf0a5591f67dbf6ce189d6dbd701bb09d7510112aaf093de7168a519ca561ffd605ff81756a79364e01adea91ece24133d1cc94
SSDEEP

768:RbgyDvS7ysrvhXisndArW4+3TwMVmaDlzyr9WiK0H7gxrs8lDZiTvSXV:Syu7yYv5rCrWxTtNNyg567Ss8W6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac3359ddeeceb552154ff13c109e924e_JaffaCakes118

Files

ac3359ddeeceb552154ff13c109e924e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c8cbba8b4c5d533aaf42ac891e59f3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
ExitProcess
GetCommMask
GetCommandLineA
GetDateFormatW
GetQueuedCompletionStatus
GetStringTypeExW
Heap32Next
OpenEventW
ResumeThread
WaitForMultipleObjectsEx
WriteProcessMemory

user32

CreateIcon
GetParent
HiliteMenuItem
InsertMenuItemA
MessageBoxA

shell32

Control_FillCache_RunDLLA
DllGetClassObject
DragAcceptFiles
FreeIconList
RealShellExecuteExA
SHBrowseForFolder
SHEmptyRecycleBinA
SHFileOperationW
SHQueryRecycleBinW
ShellExecuteEx

gdi32

CheckColorsInGamut
CreateCompatibleDC
CreatePalette
CreateScalableFontResourceW
EnumICMProfilesA
GdiPlayDCScript
GdiSetBatchLimit
GetClipBox
GetTextCharsetInfo
PolyPolyline
SetAbortProc
SetDIBits
StrokePath

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE