f708dd95a79a9b992ac0f49910151741_JaffaCakes118 | Triage

Sharing

General

Target

f708dd95a79a9b992ac0f49910151741_JaffaCakes118
Size

165KB
MD5

f708dd95a79a9b992ac0f49910151741
SHA1

580ad861f01001eca3547cbbd3618edf59909a9f
SHA256

bbfba775d9f80238bef81390e896ce17d203e30201a3dc75f104f20b5ea0d855
SHA512

91f62ccef9a824fc6db7a7fb9aa97074c5ed26623ba3bc9ff3eb3d3a1bd65954f90cc09caa263c45985a60b5f8db7111523ada3ea987d28afe7fc5051407e789
SSDEEP

3072:ffdN7Ukm4khgdQHs5vfd+tOtv3AZi1z/lb5mxodrqwUPfzXYLS2xm5Hi:f104YsNFu/sB5yodewUzh2oC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f708dd95a79a9b992ac0f49910151741_JaffaCakes118

Files

f708dd95a79a9b992ac0f49910151741_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d5d3185e46fe11a0af5304fb76bab7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

PropertySheetW

kernel32

WriteConsoleInputVDMA
GetShortPathNameW
GetProcessHandleCount
CompareFileTime
EnumResourceNamesA
FreeEnvironmentStringsW
GetFullPathNameW
SearchPathW
MoveFileW
SetFileTime

ole32

CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CoInitialize

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetFolderPathW
SHFileOperationW
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW

user32

GetDC
SetWindowLongW
DestroyWindow
SetWindowTextW
IsWindow
CreateCursor
GetDlgCtrlID
PostQuitMessage
LoadIconW
ReleaseDC
IsDlgButtonChecked
PostMessageW
GetFocus
GetWindowModuleFileNameW
MsgWaitForMultipleObjects

shlwapi

PathRemoveFileSpecW
PathAppendW
SHGetValueW
PathCombineW
PathFileExistsW

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ