06ac8c596166b61934aad507987dc415_JaffaCakes118 | Triage

Sharing

General

Target

06ac8c596166b61934aad507987dc415_JaffaCakes118
Size

404KB
MD5

06ac8c596166b61934aad507987dc415
SHA1

348f6f4e19301418107bf279adfbb9285fd59a18
SHA256

dc78123b0d141e8b7b7c75e584efe70aa47ebd8468072bfe7c5ec85e4bd4c2bf
SHA512

c563cc54dfe609c4f2413325b96448f66b7ed8b56bb1d96afbf7f4c867c887119233fb0a8bd8341d6ab22469320c5b2a14162f3c44f103ae3990d5c45337a50d
SSDEEP

6144:5gmr9VP9A/XgqNJ9secDBbZMzDxOeYTaYnTkTm3Q42sb85MSViwcimejOh3hT5kE:51RA/Xz9HcDBVMPhYOmA3sB2hmejMhV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ac8c596166b61934aad507987dc415_JaffaCakes118

Files

06ac8c596166b61934aad507987dc415_JaffaCakes118
.exe windows:65025 windows x86 arch:x86

26ad20c6d6f15cf55c8a125551c898e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
AdjustTokenPrivileges
GetTokenInformation
GetLengthSid
CloseServiceHandle
InitializeAcl
GetTokenInformation
RegSetValueExA
AddAccessAllowedAce
RegQueryInfoKeyW

shell32

ExtractIconW
ShellExecuteExW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetSpecialFolderLocation
DragAcceptFiles
Shell_NotifyIconW
SHGetPathFromIDListW

kernel32

CloseHandle
QueryPerformanceCounter
LocalFree
GetProcessHeap
LoadLibraryA
VirtualAlloc
GetModuleHandleA
ExitProcess
lstrlenW

gdi32

CreateBitmap
GetTextMetricsW
SetTextColor
CreateCompatibleBitmap
CreateSolidBrush
GetTextExtentPoint32W

user32

DestroyMenu
SendMessageA
FillRect
SetWindowPos
GetCursorPos
SetForegroundWindow
CallWindowProcW
SendDlgItemMessageW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 388KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ