964245e1aff6ebe7a54f7f7bf246d864_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

964245e1aff6ebe7a54f7f7bf246d864_JaffaCakes118
Size

177KB
MD5

964245e1aff6ebe7a54f7f7bf246d864
SHA1

020928970c3853132abb03f6dcc6260e47da305e
SHA256

51e70b462121cc4a76daedfd715ab3ec73f27cccda44b47b7532a9e22ad822ea
SHA512

c85d07d3a8c78316f6ece191f0fda95261069bb6822408cb70bb2a29eed4502e53282c2be831870cb89ad3b49ef6e5f64b29a45b1d6565b4089173993afa2466
SSDEEP

3072:FAtX1nyfE2BgOkQzKJdH6zjpqvCXeaHX4V3Yym7RrDs87g+OOtzZDNfH83p4pMbn:WHnyfJgU4Sk24V3jcRxguLsZlp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
964245e1aff6ebe7a54f7f7bf246d864_JaffaCakes118

Files

964245e1aff6ebe7a54f7f7bf246d864_JaffaCakes118
.exe windows:4 windows x86 arch:x86

498d462e807731f26ac6b0ae3589caf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
HeapFree
TlsSetValue
GetFileType
SetHandleCount
GetStdHandle
RtlUnwind
TlsGetValue
HeapSize
EnumSystemLanguageGroupsW
GetOEMCP
GetWriteWatch
VirtualQuery
TlsFree
VirtualProtect
GetSystemInfo
VirtualAlloc
GetStartupInfoA

user32

IsWindow
GetSysColor
GetDlgItem
GetDC
SetCursor
MoveWindow
GetWindowLongA
FillRect
SetWindowLongA
ReleaseCapture
SetWindowPos
ReleaseDC
GetWindowInfo
LoadCursorA
SetCapture

winmm

mciSendCommandA
sndPlaySoundA

oleacc

CreateStdAccessibleObject
AccessibleChildren

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ