Static task
static1
Behavioral task
behavioral1
Sample
62933c7a1a6ece358c6a0f5213c9f440_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
62933c7a1a6ece358c6a0f5213c9f440_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 62933c7a1a6ece358c6a0f5213c9f440_JaffaCakes118
Size: 166KB
MD5: 62933c7a1a6ece358c6a0f5213c9f440
SHA1: 924e59171e1c6132ad68832066136a833a89cfcc
SHA256: 3f09d51d54df047152949d08d0d26775fe58ff11ca0175f8db802d3044ac4ab4
SHA512: 40b50be644ab596d667b1928dd798d474c8abe911108e13e3d0d7e88eedd6589ecaa33128f6cde5ae02f644370fcf85c48351cbfc26dfe90cdda62053ae59e3f
SSDEEP: 3072:1zg6dZ6ZhAedSao/l4werb2KelPCo8t+XrU47XQrd7RcZtpyq8qvfBeQ:Jg6dZih9S7lRKelPCo8sR8rtRcZNv5e
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 62933c7a1a6ece358c6a0f5213c9f440_JaffaCakes118
Files
62933c7a1a6ece358c6a0f5213c9f440_JaffaCakes118.exe windows:4 windows x86 arch:x86
faaeb9956213513b4b65bf43dcaa81a7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
HeapFree
VirtualFree
HeapReAlloc
VirtualQuery
HeapAlloc
QueryPerformanceCounter
HeapDestroy
EnumSystemLanguageGroupsW
GetSystemTimeAsFileTime
TlsAlloc
GetWriteWatch
IsBadWritePtr
GetCurrentProcessId
VirtualAlloc
HeapCreate
TlsFree
oleacc
CreateStdAccessibleObject
AccessibleChildren
shlwapi
PathAddBackslashW
winmm
mciSendCommandA
user32
LoadStringA
CreateWindowExA
GetWindow
LoadImageA
SetWindowTextA
GetDlgItem
DestroyIcon
GetParent
shell32
SHChangeNotify
SHGetMalloc
SHGetPathFromIDListW
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 401KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ