2f7cb5b75c57003012d67acd4b4325a5_JaffaCakes118 | Triage

Sharing

General

Target

2f7cb5b75c57003012d67acd4b4325a5_JaffaCakes118
Size

159KB
MD5

2f7cb5b75c57003012d67acd4b4325a5
SHA1

38cfda9c64976e0e1f952cd1b31826c011682444
SHA256

76e2f74641517e32e67f570cefd881b18ece5d5dcce54200852b8e42e5d2c838
SHA512

8c8de442d4daf70ba730efdec50585b2fd4c19be56a5f6234829566a7f3911e852e4eef16a99617d1086abfdf1867133979c6a7de69f8661b2324044447d42a9
SSDEEP

3072:VbN0QyIB89HXM01K7XlvvR57hmpd6YPFZmQ4O1xyJEtIp+jP4ncE:BN0QfSRXPQX7hmpdNNssME6p0P4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f7cb5b75c57003012d67acd4b4325a5_JaffaCakes118

Files

2f7cb5b75c57003012d67acd4b4325a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da1533d23b6f57afbf066a749c3bbb6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetFolderPathW
SHFileOperationW
ShellExecuteW
CommandLineToArgvW
ShellExecuteExW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoInitializeEx
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

shlwapi

SHGetValueW
PathRemoveFileSpecW
PathAppendW
PathCombineW
PathFileExistsW

comctl32

PropertySheetW

kernel32

RegisterConsoleVDM
GetShortPathNameW
GetProcessHandleCount
CompareFileTime
EnumResourceNamesA
FreeEnvironmentStringsW
SearchPathW
MoveFileW
GetFullPathNameW
SetFileTime

user32

GetFocus
GetDC
IsDlgButtonChecked
ReleaseDC
PostQuitMessage
DestroyWindow
SetWindowLongW
PostMessageW
GetDlgCtrlID
SetWindowTextW
LoadIconW
GetWindowModuleFileNameW
IsWindow
CreateCursor
MsgWaitForMultipleObjects

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ