JaffaCakes118_6df47399832469092d93a843afe8a801 | Triage

Sharing

General

Target

JaffaCakes118_6df47399832469092d93a843afe8a801
Size

159KB
MD5

6df47399832469092d93a843afe8a801
SHA1

907084fd9859df90912f3d4a1326f36f7016578f
SHA256

cff9b7d9b4a76d76c4f17647e0f9ea642b9022c29c8f35ec2feb0d2e98caed98
SHA512

7b7d8f48f5f283a8d558a4db84b46baf30cc71fb28520643bfc5cb10a1ddf3c3e0539ff6cdeb86030ee482fe3f72d3922d45bdceb3a3f97e39d75d51630428a1
SSDEEP

3072:z/VuDWDCXNuM+LAK/T3XBneCb33g88EkbezmBnA/2AltHLsRqX:zwDWEN9oJr3VX9qbQmBnA/Nbv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6df47399832469092d93a843afe8a801

Files

JaffaCakes118_6df47399832469092d93a843afe8a801
.exe windows:4 windows x86 arch:x86

80fd1b5180114c861740e505e2936635

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
SHFileOperationW
ShellExecuteExW

user32

PostQuitMessage
IsDlgButtonChecked
LoadIconW
SetWindowTextW
SetWindowLongW
PostMessageW
GetDC
IsWindow
GetFocus
ReleaseDC
IsWindowEnabled
DestroyWindow
CreateCursor
GetDlgCtrlID
MsgWaitForMultipleObjects

comctl32

PropertySheetW

shlwapi

PathAppendW
SHGetValueW
PathCombineW
PathRemoveFileSpecW
PathFileExistsW

kernel32

FillConsoleOutputAttribute
MoveFileW
GetProcessPriorityBoost
GetFullPathNameW
EnumResourceNamesW
FreeEnvironmentStringsW
SearchPathW
GetShortPathNameW
CompareFileTime
SetFileTime

ole32

CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CreateStreamOnHGlobal
CoInitialize

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ