943808e4aa3a13510dc4e1cca74b52cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

943808e4aa3a13510dc4e1cca74b52cd_JaffaCakes118
Size

191KB
MD5

943808e4aa3a13510dc4e1cca74b52cd
SHA1

8dd731c63e6ea916118fca7c92ca95b5f24f6def
SHA256

dee6fde960f98eff0cc1a13d2f5b8a824c63b2b86bce961a07eb3393b7744507
SHA512

ee445a9f81097d63fba269b6870bcaddc752d1fa81c9d68c9c8748092196172c84320c39c007bbb160555948409e0d9b6de6dfaa67fbd51a9f1d96c50576b2ae
SSDEEP

3072:kaRbPvBJP/kSNvypwVEVaP4HjApRf3cO5mfegwVtF9Yd1c3Q8WqMkUnAK+iD3I:JvHXkS1ypwVIa+MpRf3cO5mfsVn9Y0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
943808e4aa3a13510dc4e1cca74b52cd_JaffaCakes118

Files

943808e4aa3a13510dc4e1cca74b52cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50122fb75ea1fe90e8a4f149eb182cc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

user32

GetDlgItem
SetWindowLongA
FillRect
GetSysColor
MonitorFromWindow
ReleaseCapture
ReleaseDC
IsWindow
SetWindowPos
GetDC
GetWindowLongA
SetCursor
LoadCursorA
MoveWindow
SetCapture

kernel32

SetTapePosition
GetCurrentProcessId
ClearCommError
GetVersion
InterlockedExchange
Sleep
FindClose
EnumResourceNamesA
FatalExit
GetLocalTime
GetWindowsDirectoryA
FindFirstFileA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ