42979e1de23d9a437ca444ad5ddc10e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42979e1de23d9a437ca444ad5ddc10e9_JaffaCakes118
Size

163KB
MD5

42979e1de23d9a437ca444ad5ddc10e9
SHA1

3c3b410fa9c77a42554ebe31d1bcded63232a17d
SHA256

ab9efd048e715ef5433512ca4718fd5945092474aaf63c29813c6e497a626665
SHA512

97c100df8fa5617a8e73c425cc6625457a1f36a97b6b444fbc4ffb14736aa797a5d1e6c65ede2a33a513629e2ea6e4c2c85746bcad6aa3e6c9c8fd916020faec
SSDEEP

3072:XBqzAMlGaNFNR7aH3F4P60oySjFsCpaejKEudX3BEm:ofGqiH1QvoyecqBudHGm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42979e1de23d9a437ca444ad5ddc10e9_JaffaCakes118

Files

42979e1de23d9a437ca444ad5ddc10e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0fd160957d244ff7a825ec7fd068bb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

PropertySheetW

user32

ReleaseDC
GetWindowModuleFileNameW
DestroyWindow
PostQuitMessage
SetWindowTextW
PostMessageW
IsDlgButtonChecked
GetDlgCtrlID
SetWindowLongW
GetDC
CreateCursor
LoadIconW
IsWindow
GetFocus
MsgWaitForMultipleObjects

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoInitialize

kernel32

RegisterConsoleVDM
MoveFileW
GetProcessHandleCount
SearchPathW
EnumResourceNamesA
FreeEnvironmentStringsW
GetShortPathNameW
GetFullPathNameW
CompareFileTime
SetFileTime

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW
ShellExecuteW
ShellExecuteExW

shlwapi

PathRemoveFileSpecW
PathAppendW
PathCombineW
SHGetValueW
PathFileExistsW

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ