03a802488753b7c5595223870c9c33a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03a802488753b7c5595223870c9c33a4_JaffaCakes118
Size

152KB
MD5

03a802488753b7c5595223870c9c33a4
SHA1

7b3f3cc27dd28c88926ad8d54a15d5ee12d0be6b
SHA256

b7134b1972152108e4072bbdc35dc933a09b8761ad453e5d04e98475c1c06810
SHA512

035c3899c24b86435fbe150f9bc04218cb75427e43571e7857c7c488b6d4ae91c3a1c9437e62dddfb7f6d9426fe744e8aac1f528274aa4b11e5a6159c7d72c5c
SSDEEP

3072:WxDgR3sjBUwFEwQqu5Onkr7rTY0DzuhAGfQ6sEY3uO/T:Wl63OEwW55s0+hAGT5gus

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03a802488753b7c5595223870c9c33a4_JaffaCakes118

Files

03a802488753b7c5595223870c9c33a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6940211c482b4c08d1f88fb3b2abfeb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleInputVDMA
GetShortPathNameW
GetProcessHandleCount
SearchPathW
EnumResourceNamesA
FreeEnvironmentStringsW
MoveFileW
GetFullPathNameW
CompareFileTime
SetFileTime

shell32

CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW
ShellExecuteW
ShellExecuteExW

user32

CreateCursor
IsWindow
SetWindowTextW
LoadIconW
ReleaseDC
IsDlgButtonChecked
GetWindowModuleFileNameW
PostQuitMessage
GetDlgCtrlID
DestroyWindow
SetWindowLongW
GetDC
GetFocus
PostMessageW
MsgWaitForMultipleObjects

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

comctl32

PropertySheetW

shlwapi

PathCombineW
PathAppendW
SHGetValueW
PathRemoveFileSpecW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ