aef58ace320fb074823a4642016c274c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aef58ace320fb074823a4642016c274c_JaffaCakes118
Size

171KB
MD5

aef58ace320fb074823a4642016c274c
SHA1

405ad0a264112ac29520ecf0c8665bd69c2a1d1f
SHA256

d881d7740ec823d8f327ee1ffbba4af1134a4f90cc9824c0b93e67fe6cb540b1
SHA512

276a804b8bd8aa175130f864d55a3875d714c2a2d9587bafedf3f4d768c4d0fc21aea7c45a5cc14ea9a275424510e561123f3080c9d6b24fff31d07c9021496f
SSDEEP

3072:2FVo7DnJJaoPmxwMNnn+gpcMoNaS9cG4IACvXlxQCTWSioYJSDPLUTH:6Vo7DJQoPmxw+nlWMXS9cGTvvXlxdWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aef58ace320fb074823a4642016c274c_JaffaCakes118

Files

aef58ace320fb074823a4642016c274c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71d1babde3b1f670b3ea2a61ba9a1820

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

CommandLineToArgvW
SHFileOperationW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

ole32

CoTaskMemAlloc
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize

comctl32

PropertySheetW

shlwapi

SHGetValueW
PathCombineW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

user32

CreateCursor
DestroyWindow
GetDC
ReleaseDC
PostMessageW
SetWindowLongW
LoadIconW
PostQuitMessage
GetDlgCtrlID
GetFocus
GetWindowModuleFileNameW
IsWindow
SetWindowTextW
IsDlgButtonChecked
MsgWaitForMultipleObjects

kernel32

WriteConsoleInputVDMA
SearchPathW
GetProcessHandleCount
MoveFileW
EnumResourceNamesA
FreeEnvironmentStringsW
CompareFileTime
GetFullPathNameW
GetShortPathNameW
SetFileTime

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ