8705c63eca661af59f12c2d97583de0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8705c63eca661af59f12c2d97583de0a_JaffaCakes118
Size

61KB
MD5

8705c63eca661af59f12c2d97583de0a
SHA1

f049c6a28d1d1acd6cdfa3271d49fda6986f380e
SHA256

c1327dbcf6aab7c257ade0833655a3124ea0838a6bb4365ef18640b0839e75be
SHA512

79804c000158efcdcc4a4b30ed6973decd1981901c145f08b76f212e114aa7cc482b43ee2235bcde94522e31d0350055c8d3d669a14f4af6696b6a2a51a7c773
SSDEEP

768:Ml4K5dkIvjYfk/Y0nYBpnNTdtXOoji5o6keJncciyTNzg:MCQl7uk/Y0nYBfT2SPJeJccRJg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8705c63eca661af59f12c2d97583de0a_JaffaCakes118

Files

8705c63eca661af59f12c2d97583de0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7982848923a181847b0b16a306379c49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

user32

SetWindowTextA
SetDlgItemTextA
SendMessageA
LoadIconA
GetDlgItemTextA
EndDialog
DialogBoxParamA

kernel32

MapViewOfFile
lstrlenA
UnmapViewOfFile
SizeofResource
SuspendThread
Sleep
SetThreadPriority
ResumeThread
ExitThread
CreateThread
CloseHandle
CreateFileA
CreateFileMappingA
ExitProcess
FindResourceA
GetFileSize
GetModuleHandleA
GetTickCount
GlobalAlloc
GlobalFree
LoadResource
LockResource
OpenFile

winmm

waveOutClose
waveOutGetPosition
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE