Static task: static1
Behavioral task: behavioral1
Sample: 69d946e69a4392bbd22cb8d565041b32_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 69d946e69a4392bbd22cb8d565041b32_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 69d946e69a4392bbd22cb8d565041b32_JaffaCakes118
Size: 270KB
MD5: 69d946e69a4392bbd22cb8d565041b32
SHA1: ffd0d3c88dea1db282fb440ffc2693879ab8db14
SHA256: 80bb68488b91276e227751b7da7ffff7adc3e071cbcdf52a93d57476a78b0c5e
SHA512: 40b52724bde6e2a6115c47dbe704639783c5f0eea45e911132d08940dc31584b6ced23bec744505e175d1eb452f13572d0b863a62b10d4a0bb321cc0422f98f8
SSDEEP: 6144:UBfLyANZ+hKlpB3oEzDlb5V7W+J40eENWjQbT:UB2aZ+olpB4EnViQ40HND/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 69d946e69a4392bbd22cb8d565041b32_JaffaCakes118
Files
69d946e69a4392bbd22cb8d565041b32_JaffaCakes118.exe windows:4 windows x86 arch:x86
ffb83ecefdaba374763282b9d62b9b72
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
HeapFree
VirtualQuery
GetSystemTimeAsFileTime
TlsAlloc
VirtualFree
QueryPerformanceCounter
HeapDestroy
GetCurrentProcessId
EnumSystemLanguageGroupsW
HeapReAlloc
VirtualAlloc
GetWriteWatch
HeapAlloc
IsBadWritePtr
HeapCreate
TlsFree
user32
CreateWindowExA
SetWindowTextA
LoadStringA
DestroyIcon
LoadImageA
GetDlgItem
GetWindow
GetParent
ole32
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
oleacc
CreateStdAccessibleObject
AccessibleChildren
winmm
mciSendCommandA
msimg32
AlphaBlend
TransparentBlt
Sections
.text Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 197KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ