JaffaCakes118_7817a43cf7f7350b05344ec4cce3183b | Triage

Sharing

General

Target

JaffaCakes118_7817a43cf7f7350b05344ec4cce3183b
Size

163KB
MD5

7817a43cf7f7350b05344ec4cce3183b
SHA1

d7f6eaee04a9589b6e85fbd384390f46d75df400
SHA256

4ca9d12e46b0f6c02aeca689eb943179e4a7b461cd643b535de1aa79abe799ee
SHA512

4ead437b3f7f284cac582f1f5ddf9fe0493d1961280ff438884f6df54a7dcf87e95019bcbc7cd6a60381dfa02e34d2239060062a1d65657ca277517bdc64801c
SSDEEP

3072:CgR9Vjfy6pdySxR9gbHhtGNlz0y5qj3wakjlLQBr8nhnH22KaYO4FHxqNmb9:Cg1yt2700OBAnhnH2xaYO43Qmb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7817a43cf7f7350b05344ec4cce3183b

Files

JaffaCakes118_7817a43cf7f7350b05344ec4cce3183b
.exe windows:4 windows x86 arch:x86

96f477a7edb9c349b23da61750cb7e69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathAppendW
PathRemoveFileSpecW
SHGetValueW
PathFileExistsW

comctl32

PropertySheetW

user32

SetWindowTextW
PostQuitMessage
GetFocus
GetDC
CreateCursor
SetWindowLongW
GetDlgCtrlID
LoadIconW
IsWindow
IsDlgButtonChecked
ReleaseDC
GetWindowModuleFileNameW
PostMessageW
DestroyWindow
MsgWaitForMultipleObjects

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoInitialize

shell32

SHGetFolderPathW
ShellExecuteW
SHFileOperationW
CommandLineToArgvW
ShellExecuteExW

kernel32

WriteConsoleInputVDMA
SearchPathW
GetProcessHandleCount
CompareFileTime
EnumResourceNamesA
FreeEnvironmentStringsW
MoveFileW
GetShortPathNameW
GetFullPathNameW
SetFileTime

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ