Static task
static1
Behavioral task
behavioral1
Sample
3d300bbed332b78eb3b4fcacd6164670_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3d300bbed332b78eb3b4fcacd6164670_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3d300bbed332b78eb3b4fcacd6164670_JaffaCakes118
Size
33KB
MD5
3d300bbed332b78eb3b4fcacd6164670
SHA1
7fd2c71b66ba334c7f79a6d9c81bffb7ef295e2b
SHA256
2ea104326eebebd161141384775d5d35e30ac2443b04c5b22df8f19d7422281a
SHA512
8c70cc13b2c18c333711a101bd9cf7fe4166805d1e833e2f7065a21bdf0e9fcd8230c708a43a9a54f75220e435e6f839f25ad134e516fb39f40c960bdc9f8284
SSDEEP
384:OoOqSFPtlRNQhf4td5lBNpVxJ26Rd5lBmiOWS+jk0Q84u9ZFhJKGCuK2yqNp2yea:bOqAlRc1HKumDhlQIwGHm+cRCz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3d300bbed332b78eb3b4fcacd6164670_JaffaCakes118
Files
3d300bbed332b78eb3b4fcacd6164670_JaffaCakes118.exe windows:1 windows x86 arch:x86
df3bdb3ad3c07a6085461ecc2c895498
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
ExitProcess
GetTickCount
Sleep
WriteFile
CreateFileA
ReadFile
CloseHandle
user32
RegisterClassA
CreateWindowExA
GetMessageA
DefWindowProcA
ValidateRect
TranslateMessage
DispatchMessageA
GetDC
LoadCursorA
LoadIconA
PostQuitMessage
LoadImageA
GetAsyncKeyState
ShowCursor
gdi32
DeleteObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
PatBlt
SelectObject
GdiTransparentBlt
bass
BASS_Init
BASS_Start
BASS_StreamCreateFile
BASS_MusicFree
BASS_Free
BASS_StreamPlay
ddraw
DirectDrawCreate
Sections
.data Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE