JaffaCakes118_3ce5a94f9e31d1eee6239684007ec5a1 | Triage

Sharing

General

Target

JaffaCakes118_3ce5a94f9e31d1eee6239684007ec5a1
Size

153KB
MD5

3ce5a94f9e31d1eee6239684007ec5a1
SHA1

769c0e5c0122a75a9990667a40863b7cd21c8341
SHA256

0cefb50111a023e783975377ccc9291d7bf23799e527cfb683892ac570800167
SHA512

4ae1dd6c7a0f6acac2323cc286a473f0cd0e704277a786c71a8acee2fb345e4d9818872fe9873d445c1d07251c65d1463b969cb2e141d91fcd71c531532b95e8
SSDEEP

3072:ODs8TuvZP4ableFNMprUd6YzZcQxIx0NKL8QvLzUqpVI7raIQbGk:ODs8qZP4adUdBVcq80N+n8H9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3ce5a94f9e31d1eee6239684007ec5a1

Files

JaffaCakes118_3ce5a94f9e31d1eee6239684007ec5a1
.exe windows:4 windows x86 arch:x86

5a212a062204236347c83657825c1f32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize

comctl32

PropertySheetW

user32

GetDlgCtrlID
CreateCursor
DestroyWindow
IsDlgButtonChecked
LoadIconW
GetDC
PostMessageW
IsWindow
SetWindowTextW
PostQuitMessage
ReleaseDC
SetWindowLongW
GetFocus
GetWindowModuleFileNameW
MsgWaitForMultipleObjects

shlwapi

PathRemoveFileSpecW
PathAppendW
SHGetValueW
PathCombineW
PathFileExistsW

kernel32

WriteConsoleInputVDMA
MoveFileW
GetProcessHandleCount
CompareFileTime
EnumResourceNamesA
FreeEnvironmentStringsW
GetShortPathNameW
GetFullPathNameW
SearchPathW
SetFileTime

shell32

SHFileOperationW
CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ