54b6ce7bd0e9bc4482714165c17763b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54b6ce7bd0e9bc4482714165c17763b3_JaffaCakes118
Size

159KB
MD5

54b6ce7bd0e9bc4482714165c17763b3
SHA1

7fd980bdb97cb3c9dd5c31ab5c7b4d0ed7eaa33b
SHA256

7087b4c321291ea13491da7e99256282bb08acff9c71837477d66f64c1c8b577
SHA512

a7b027a056ab8cfbaea5aaba456caf7c778b43b3bb1a7cc678cf0f90d50bed80f661a974686729730c34b2cc25a75d2f229eb3059052f950ec2cac3405e08b9f
SSDEEP

3072:VbN0QyIB89HXM01K7XlvvR57hmpd6YPFZmQ4O1xyJEtIp+jP4ncE:BN0QfSRXPQX7hmpdNNssME6p0P4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54b6ce7bd0e9bc4482714165c17763b3_JaffaCakes118

Files

54b6ce7bd0e9bc4482714165c17763b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da1533d23b6f57afbf066a749c3bbb6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetFolderPathW
SHFileOperationW
ShellExecuteW
CommandLineToArgvW
ShellExecuteExW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoInitializeEx
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

shlwapi

SHGetValueW
PathRemoveFileSpecW
PathAppendW
PathCombineW
PathFileExistsW

comctl32

PropertySheetW

kernel32

RegisterConsoleVDM
GetShortPathNameW
GetProcessHandleCount
CompareFileTime
EnumResourceNamesA
FreeEnvironmentStringsW
SearchPathW
MoveFileW
GetFullPathNameW
SetFileTime

user32

GetFocus
GetDC
IsDlgButtonChecked
ReleaseDC
PostQuitMessage
DestroyWindow
SetWindowLongW
PostMessageW
GetDlgCtrlID
SetWindowTextW
LoadIconW
GetWindowModuleFileNameW
IsWindow
CreateCursor
MsgWaitForMultipleObjects

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ