e92eab8a710d9a5605cdb30dea23aa67_JaffaCakes118 | Triage

Sharing

General

Target

e92eab8a710d9a5605cdb30dea23aa67_JaffaCakes118
Size

268KB
MD5

e92eab8a710d9a5605cdb30dea23aa67
SHA1

3fd3702f243ea072963644865ee83e6e3f689ab4
SHA256

66f302a04d4fafb8652656d39218f98579c3c3a2b95a47681ad9227ad774fa7d
SHA512

8c457450dc9700c0bf700e5c9c3ed9d10f699276a9787ba358fa30831d9341ac984b81e3e1def9419b75e0707ef5b64dfa8e041d5f7b1cf773fda35cfba821d9
SSDEEP

6144:usztCCVWFfiRsI8eEGfxQhpoghUpaVMK6OW7xAC66KBesEGzKpUNvr:XRCCUJI8etyhyLpa+txPsOQvr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e92eab8a710d9a5605cdb30dea23aa67_JaffaCakes118

Files

e92eab8a710d9a5605cdb30dea23aa67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf4c83c4e0df2c0bec63614d14e263c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
HeapCreate
VirtualAlloc
HeapReAlloc
VirtualFree
GetCurrentProcessId
QueryPerformanceCounter
EnumSystemLanguageGroupsW
SetLastError
GetWriteWatch
IsBadWritePtr
HeapDestroy
VirtualQuery
TlsFree

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

user32

SetWindowTextA
GetWindow
LoadStringA
GetDlgItem
DestroyIcon
CreateWindowExA
LoadImageA
GetParent

winmm

mciSendCommandA
sndPlaySoundA

msimg32

AlphaBlend
TransparentBlt

oleacc

CreateStdAccessibleObject
AccessibleChildren

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ