Static task: static1
Behavioral task: behavioral1
Sample: c8abeeb040bef6e7ab6c64534de66865_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c8abeeb040bef6e7ab6c64534de66865_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c8abeeb040bef6e7ab6c64534de66865_JaffaCakes118
Size: 268KB
MD5: c8abeeb040bef6e7ab6c64534de66865
SHA1: 3efd0f438ca509b2441832457f0a76911ae09dc6
SHA256: 4b78cb99a1b1168da252ececd8648918e1f648336ae606ddeae94770c1641136
SHA512: f7861bf0ebc2f11a3ff88381349c465bb90085e6365185a33e98f907d8a44ca7f33ce2267a4f912df88d04632e47f0afb9c29687e793f9c60a81742e4c4690ae
SSDEEP: 6144:8lUbuVty3yLA5abKPsjNzGizf9IyaXyhRopvdkgr72:84uDMYbKPOzr79bXhIdkg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c8abeeb040bef6e7ab6c64534de66865_JaffaCakes118
Files
c8abeeb040bef6e7ab6c64534de66865_JaffaCakes118.exe windows:4 windows x86 arch:x86
8e44bcb8f07777bfd5d07f9ed8093223
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualQuery
HeapFree
VirtualFree
HeapReAlloc
HeapCreate
QueryPerformanceCounter
HeapAlloc
TlsAlloc
EnumSystemLanguageGroupsW
GetCurrentProcessId
HeapDestroy
GetWriteWatch
GetSystemTimeAsFileTime
SetLastError
IsBadWritePtr
VirtualAlloc
TlsFree
user32
GetDlgItem
SetWindowTextA
CreateWindowExA
LoadStringA
LoadImageA
GetWindow
DestroyIcon
GetParent
ole32
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
oleacc
CreateStdAccessibleObject
AccessibleChildren
winmm
mciSendCommandA
sndPlaySoundA
msimg32
AlphaBlend
TransparentBlt
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 196KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ