0f4919d7accb6fff2c2510ced5b5fffd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f4919d7accb6fff2c2510ced5b5fffd_JaffaCakes118
Size

110KB
MD5

0f4919d7accb6fff2c2510ced5b5fffd
SHA1

015298b26495569315641dfc5ed96281d83df271
SHA256

1e2759a346d542da34e7158973a042f8cb62dbd9192964cf10acc3c7a7fd8dd7
SHA512

0f2ba1d242fd8555b53d91ead5ca45199a7d3814f597727ebe82bebeb4447c9c0b89012e283fc8056331c195471dd0226a9b2dbd3205600147b4054b906c7456
SSDEEP

1536:+I3uqtcm0VAoe7ULYSXxDOKFXvm5upXfCRU4Pe:73ZtcRKoe7ULYcvmIpXfOPe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f4919d7accb6fff2c2510ced5b5fffd_JaffaCakes118

Files

0f4919d7accb6fff2c2510ced5b5fffd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4eed0f9fe1b5373666849834ca47a89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsContentTypeA
SHQueryInfoKeyA
PathFileExistsA

comctl32

ImageList_GetBkColor
ImageList_DragShowNolock

kernel32

GetCommandLineA
LoadLibraryExA
GlobalAlloc
GetCPInfo
lstrlenA
ExitProcess
GetTickCount
GetStdHandle
HeapDestroy
GetEnvironmentStrings
GetLastError
VirtualAllocEx
MoveFileA
GetModuleHandleA
GetVersionExA
GetProcAddress
SetHandleCount

user32

CharNextW
SetParent
TrackPopupMenu
AdjustWindowRectEx
GetClipboardData
GetWindowRect
IsZoomed
RemoveMenu
InflateRect
GetSysColorBrush
WaitMessage
CharUpperBuffA
GetCursorPos
GetCursor
IsWindowEnabled
DestroyIcon
DispatchMessageW
LoadIconA
GetActiveWindow
BeginPaint
ScreenToClient
LoadCursorA

advapi32

RegQueryInfoKeyA

gdi32

SaveDC
GetDCOrgEx

shell32

SHGetDesktopFolder
DragQueryFileA
Shell_NotifyIconA

version

GetFileVersionInfoSizeA
VerInstallFileA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE