JaffaCakes118_975f564f04afa41186f64eecf105d1a4 | Triage

Sharing

General

Target

JaffaCakes118_975f564f04afa41186f64eecf105d1a4
Size

159KB
MD5

975f564f04afa41186f64eecf105d1a4
SHA1

4b2fd3fa1e7367c9f25337c19c8c42f185024c16
SHA256

04bd328544ac52d322ed83deb1c98e895a22e8936c0b0f49c2e541d27a420249
SHA512

72283d0e29078424bfb302044f2cfada2331e0ca0ed3b612b93a6fdc4322478a34cff59b0a85a0006c5d92dcfc898c275fa371238c352ca2efd7dbfcd05df4cc
SSDEEP

3072:piUyvp4hVLbutToP751vSOAPl4Ek6sJWyt5PD6nr0foJgG:cPvAVL62P7PbWy3D6n4wJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_975f564f04afa41186f64eecf105d1a4

Files

JaffaCakes118_975f564f04afa41186f64eecf105d1a4
.exe windows:4 windows x86 arch:x86

abca57933213bb847daf5cc03ad6f876

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CreateCursor
IsDlgButtonChecked
GetDC
SetWindowTextW
PostMessageW
LoadIconW
SetWindowLongW
PostQuitMessage
DestroyWindow
ReleaseDC
IsWindow
GetDlgCtrlID
GetWindowModuleFileNameW
GetFocus
MsgWaitForMultipleObjects

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize

kernel32

WriteConsoleInputVDMA
CompareFileTime
GetProcessHandleCount
GetShortPathNameW
EnumResourceNamesA
FreeEnvironmentStringsW
MoveFileW
SearchPathW
GetFullPathNameW
SetFileTime

shell32

ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
SHFileOperationW
ShellExecuteExW

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathRemoveFileSpecW
PathAppendW
SHGetValueW
PathCombineW
PathFileExistsW

comctl32

PropertySheetW

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ