Sample: d70c8ac3cec038919e22e724ad681761_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: d70c8ac3cec038919e22e724ad681761_JaffaCakes118
Size: 180KB
MD5: d70c8ac3cec038919e22e724ad681761
SHA1: 41203aba4640fc1f437c5a1514e37967fede0448
SHA256: 681253806e540b4e33df6e9f9bdea22244de4db06a5c11fff3fe073b55f02cf8
SHA512: 9a3ddf83c174e125f65cef8d4b8a743d5ff91ed2d2c411e1a1b19df601331bf2c28168c5444866238a5c3f022d4f78e2eafb57de6de2c8beff4057120554dc56
SSDEEP: 3072:2EcbHl8+05/jW5d0X/0h4YvIBQF02NwDGitBGvYoyute1hr32KMU+8XBWO6jePMm:UDl8+M/dJ4TFxMRt8wZute1hjFM78xWx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d70c8ac3cec038919e22e724ad681761_JaffaCakes118
Files
d70c8ac3cec038919e22e724ad681761_JaffaCakes118.exe windows:4 windows x86 arch:x86
9a4da2d95d440553bf1f3b8d6bd7bf16
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadWritePtr
HeapFree
HeapAlloc
SetLastError
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapReAlloc
TlsAlloc
VirtualFree
EnumSystemLanguageGroupsW
HeapCreate
VirtualAlloc
GetWriteWatch
VirtualQuery
QueryPerformanceCounter
HeapDestroy
TlsFree
user32
GetWindow
SetWindowTextA
LoadStringA
DestroyIcon
LoadImageA
GetDlgItem
CreateWindowExA
GetParent
winmm
mciSendCommandA
shlwapi
PathAddBackslashW
shell32
SHGetMalloc
SHChangeNotify
SHGetPathFromIDListW
oleacc
CreateStdAccessibleObject
CreateStdAccessibleProxyA
Sections
.text Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ