f0396d0e2c4ab1031dce598633c4e763_JaffaCakes118 | Triage

Sharing

General

Target

f0396d0e2c4ab1031dce598633c4e763_JaffaCakes118
Size

636KB
MD5

f0396d0e2c4ab1031dce598633c4e763
SHA1

d47381d10917162b2f4293e7360faff2efa2afe7
SHA256

88e698ae3ec192e3af7d60cdc9afa7e22cdd2e5a412cec1b1051dc94e4d2a5ef
SHA512

73480b1842e2b5106b951ccc66b324cad87a2c7677d162c9177ce4bb95559070b6645fb53b81bb170c48a6174b36104bfa233417ece91c281b75f8dba74fac04
SSDEEP

12288:6xAeFV4TULyn6WjrUpDLeswTzKuQ0Snf2ulV65CVJqP5:6D4T6ArU5Lo6Ou+uJqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0396d0e2c4ab1031dce598633c4e763_JaffaCakes118

Files

f0396d0e2c4ab1031dce598633c4e763_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52d43dc817cf19455abd372d5b161844

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetSystemDefaultLangID
HeapReAlloc
CompareFileTime
LoadLibraryExA
GetVersion
SuspendThread
GetStdHandle
VirtualProtect
lstrlenA
WaitForSingleObject
InterlockedExchange
GetAtomNameA
GetTickCount
HeapCreate
CloseHandle
WaitForMultipleObjects
GetCommandLineA
GetModuleHandleA
SetConsoleCP
GetConsoleCP

user32

SetWindowPos
FillRect
InsertMenuA
DialogBoxParamA
DrawCaption
CreateMenu
SetScrollInfo
InvertRect
IsDialogMessage
GetKeyboardLayout
DispatchMessageA
GetCursorInfo
DragObject
GetDlgItem
CreateIcon
DragDetect
SetPropA
FindWindowA
DestroyMenu
GetKeyState

winmm

auxSetVolume
CloseDriver
PlaySoundA
OpenDriver
auxGetVolume

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ