308b6ac6887a8c75985a1f8a001077f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

308b6ac6887a8c75985a1f8a001077f1_JaffaCakes118
Size

137KB
MD5

308b6ac6887a8c75985a1f8a001077f1
SHA1

2ade4cdee75111ecb6245b740a7c171bda649aeb
SHA256

965e737b6f99368fdbe5df46888b830f773b1d68f38f760696f6f2055e323f34
SHA512

58c8fd23afa8f63e6eefe2b350d2d4a05716c6bf0e5d2e985182d9c38f12bd9791e1cfc97d9a6cab6c8c1160f37c30cd170671c7c16a60b2ef8046f51cd146d1
SSDEEP

1536:sLdw2x6B3td8ix2v5yauPyjzVj5gyhAu2Q8Lwb8+nSrpZCQCE4tvFew+z2Cy:sKO6B3td94v5yaSYjCYANtynS9MtAL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
308b6ac6887a8c75985a1f8a001077f1_JaffaCakes118

Files

308b6ac6887a8c75985a1f8a001077f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

101febaf0a4b1635be47888586469a8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
LoadIconA
MessageBoxA
PostQuitMessage
SendMessageA
EndDialog

kernel32

TerminateProcess
Sleep
SetThreadPriority
RtlZeroMemory
RtlMoveMemory
RtlFillMemory
ResumeThread
CloseHandle
CreateFileA
CreateProcessA
ExitProcess
FindResourceA
GetExitCodeProcess
GetFileSize
GetLastError
GetModuleHandleA
GetStartupInfoA
GlobalAlloc
LoadResource
LockResource
SetFilePointer
SizeofResource
SuspendThread
WriteFile
GlobalFree
ExitThread
CreateThread

winmm

waveOutOpen
waveOutClose
waveOutWrite
waveOutUnprepareHeader
waveOutRestart
waveOutReset
waveOutPrepareHeader
waveOutGetPosition
waveOutPause

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE