018117f0fc3b881329b09d05b306b65f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

018117f0fc3b881329b09d05b306b65f_JaffaCakes118
Size

187KB
MD5

018117f0fc3b881329b09d05b306b65f
SHA1

ff3e274c484e4030d893477ddbbe856c40ada62a
SHA256

0194d1de12409ac9f08a537e8913d1a21d0e5c189b73e294fcbde30c85e88d2b
SHA512

7104d0e20b0a473305eb7790174937fbfa380cda9d8a193d940c9ad60f4e9fbe127e6f47d6ab32a95aa3b72e49be6438fb0075db1f83a35b5641660c08165786
SSDEEP

3072:u3mPIfm1/EreA6qihJRYI/N+dPhX92UUDc+g1Dj+BLcOSpaTSoKlwK6vkUPDCPSI:1PIfa8reA6qizHMZX8Di1PyS0O1ls3+1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
018117f0fc3b881329b09d05b306b65f_JaffaCakes118

Files

018117f0fc3b881329b09d05b306b65f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3060d3d91bb16e60fa3ebaad04fc847

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mciSendCommandA
sndPlaySoundA

user32

IsWindow
SetWindowPos
GetSysColor
GetDlgItem
MonitorFromWindow
GetDC
GetWindowLongA
SetCursor
ReleaseCapture
MoveWindow
ReleaseDC
LoadCursorA
FillRect
SetWindowLongA
SetCapture

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

kernel32

SetTapePosition
GetLocalTime
ClearCommError
Sleep
FindClose
InterlockedExchange
EnumResourceNamesA
GetCurrentProcessId
FatalExit
GetWindowsDirectoryA
GetVersion
FindFirstFileA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ