353b8d46321a6dd8c75a907b364989b2_JaffaCakes118 | Triage

Sharing

General

Target

353b8d46321a6dd8c75a907b364989b2_JaffaCakes118
Size

162KB
MD5

353b8d46321a6dd8c75a907b364989b2
SHA1

8220fe721cb44932fc5d1aebe851e1067ea22b61
SHA256

f0491e41ffb4a6c90c872a512db6d2aa7cfa4225726d522a9967f7779a3bd514
SHA512

e4015765bbe6783fafba72964167577394e57e3a8588dbb7514b9cf4131446013791116aa8a41bc5886856a83c7bca37ff371873f9a7c0ceccbec71a44068147
SSDEEP

3072:Tvi49qRCEnk4nrbk/7K48zNF175yXOFNvDcQ873PZWiv/eF:T+AEnXnrCKDz9V6Ofbs73Pg6e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
353b8d46321a6dd8c75a907b364989b2_JaffaCakes118

Files

353b8d46321a6dd8c75a907b364989b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0384608feb2bd389aba50538f10cc16d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
HeapFree
GetSystemInfo
GetFileType
HeapSize
VirtualProtect
GetCPInfo
VirtualQuery
GetStdHandle
TlsSetValue
EnumSystemLanguageGroupsW
GetOEMCP
GetWriteWatch
RtlUnwind
TlsGetValue
TlsFree
SetHandleCount
GetStartupInfoA

user32

GetSysColor
LoadCursorA
MoveWindow
SetWindowPos
IsWindow
SetWindowLongA
SetCursor
ReleaseCapture
GetWindowInfo
FillRect
GetWindowLongA
GetDC
GetDlgItem
ReleaseDC
SetCapture

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

oleacc

CreateStdAccessibleObject
AccessibleChildren

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ