Static task: static1
Behavioral task: behavioral1
Sample: fd205f5c3d554174f5866cd698285cba_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: fd205f5c3d554174f5866cd698285cba_JaffaCakes118
Size: 182KB
MD5: fd205f5c3d554174f5866cd698285cba
SHA1: 434adf83a08124b404078ae9c4ecbc83bec9550f
SHA256: d859751f4ec78541cb84fb87aaeec7648f7a8586c95f1f7d8ae7b1fdc42c6148
SHA512: 7ff51f472d6cbf7658bb796066179f3f4626556e072eefdecfaad78c283ac74501a6f93d3c2b517df73a777ff3d8999c4c732caa532bea30976ad4d86faf7855
SSDEEP: 3072:fb0neJG/Ng/TYBrNNKkPE7sVv2ivEOes5wKg2gZGfufHBSgE11L:fkeU/Ng/WmsJfET9Ox
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fd205f5c3d554174f5866cd698285cba_JaffaCakes118
Files
fd205f5c3d554174f5866cd698285cba_JaffaCakes118.exe windows:4 windows x86 arch:x86
6c1f86efa9385757d634ba4572952c37
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
HeapFree
HeapReAlloc
HeapCreate
HeapAlloc
VirtualAlloc
GetSystemTimeAsFileTime
VirtualFree
QueryPerformanceCounter
SetLastError
EnumSystemLanguageGroupsW
VirtualQuery
GetWriteWatch
IsBadWritePtr
GetCurrentProcessId
TlsAlloc
TlsFree
winmm
mciSendCommandA
sndPlaySoundA
user32
SetWindowTextA
GetWindow
DestroyIcon
GetDlgItem
LoadImageA
CreateWindowExA
LoadStringA
GetParent
oleacc
CreateStdAccessibleObject
AccessibleChildren
ole32
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID
msimg32
AlphaBlend
TransparentBlt
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 110KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ