Static task: static1
Behavioral task: behavioral1
  Sample: bd855192badf3dbff67a06f140343837_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: bd855192badf3dbff67a06f140343837_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: bd855192badf3dbff67a06f140343837_JaffaCakes118
Size: 263KB
MD5: bd855192badf3dbff67a06f140343837
SHA1: 9ca22af6dfb42b724905bffda2c699e38c9652d4
SHA256: 9aaef72349fce57cf9c59376543790a44fee4aa8d71f04423391419292d7bc91
SHA512: c12f8e2037052bd09d6ed253f8fef04817fa1c2c1a7711b84aa748132fb783d1eaa812a3694e19181e2b082539f89da73296c62e86a1f774aa0de5a0e58908e1
SSDEEP: 6144:3Hn7HN4J49e0VTJYYXfiBJkxrWHKmA8WRey+M33TWIFh:3Hn7HN4JHqYYXf2kZKCej43TzF
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: bd855192badf3dbff67a06f140343837_JaffaCakes118
Files
bd855192badf3dbff67a06f140343837_JaffaCakes118.exe windows:4 windows x86 arch:x86
1b9723a6e0c39feea5614e1839266236
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  HeapFree
  VirtualAlloc
  HeapAlloc
  TlsAlloc
  GetSystemTimeAsFileTime
  HeapCreate
  HeapReAlloc
  VirtualFree
  QueryPerformanceCounter
  VirtualQuery
  EnumSystemLanguageGroupsW
  IsBadWritePtr
  HeapDestroy
  GetWriteWatch
  GetCurrentProcessId
  SetLastError
  TlsFree
version
  GetFileVersionInfoA
  VerQueryValueA
  GetFileVersionInfoSizeA
ole32
  CoTaskMemFree
  ProgIDFromCLSID
  StringFromCLSID
oleacc
  CreateStdAccessibleObject
  AccessibleChildren
user32
  GetDlgItem
  DestroyIcon
  LoadImageA
  SetWindowTextA
  CreateWindowExA
  LoadStringA
  GetWindow
  GetParent
winmm
  mciSendCommandA
  sndPlaySoundA
Sections
.text Size: 64KB - Virtual size: 63KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 149KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 196KB - Virtual size: 195KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ