dbf69a0672428b405622c2363892a805_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbf69a0672428b405622c2363892a805_JaffaCakes118
Size

8KB
MD5

dbf69a0672428b405622c2363892a805
SHA1

c433cdd50c89a9983ab9cb8941089697bf479b0e
SHA256

16d926bca07968f274fbc0973a2c764c2e2f5a964d0bf30ddd74d2a04619ac45
SHA512

a0bc406579903bd132d34c323556e89da1ec9638aa5f16c81bcf9801f8037731b42854ad8530ece2c3e44c34f5a1f985331ee818ea108b91dae935a4a5206187
SSDEEP

192:9aLffDpelZVTFN+YeVLeZRG3x3Vv6eiPDaPA:O3Dp6ZnMYeVLeZRGBYeiP+o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbf69a0672428b405622c2363892a805_JaffaCakes118

Files

dbf69a0672428b405622c2363892a805_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1b21b234efeead59ed51c378fb9ec00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
SetFocus
SendMessageA
ShowCursor
ShowWindow
RegisterClassExA
CreateWindowExA
PostQuitMessage
GetFocus
PeekMessageA
MessageBoxA
LoadIconA
LoadCursorA
KillTimer
TranslateMessage
DispatchMessageA
DefWindowProcA

kernel32

GetFileSize
GetProcAddress
_lread
_lopen
_llseek
ReadFile
LoadLibraryA
GlobalFree
GlobalAlloc
GetModuleHandleA
ExitProcess
CreateFileA
CloseHandle

ddraw

DirectDrawCreate

midas11

_MIDASloadModule@4
_MIDASinit@0
_MIDASstartBackgroundPlay@4
_MIDASstopBackgroundPlay@0
_MIDASclose@0
_MIDASstartup@0
_MIDASplayModule@8
_MIDASstopModule@4
_MIDASfreeModule@4
_MIDASsetMusicVolume@8

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE