0c960187a49bd678a038fc0c88d7d900_JaffaCakes118 | Triage

Sharing

General

Target

0c960187a49bd678a038fc0c88d7d900_JaffaCakes118
Size

182KB
MD5

0c960187a49bd678a038fc0c88d7d900
SHA1

495f7e9ba3f39597e7f690f52c5447ae0fa3bfb2
SHA256

9c7683693075b66927accf51df88f952a7f6aa37a2e689be27f2ebe347809a41
SHA512

12879401ed4485a6ca7c2d04bd60ccf21fbd614c587cc9407f5f2a9b0ff5b78c4ba97bb991effecf12d04658dc73a8f7a4c9d5fbfeaa36e3801720080b3c63c9
SSDEEP

3072:JL+r3hT83hs5PwGeO3Yd2JIC8MxYnAXiYTp0DHqO/G:JL+r9eO3Yd2bxYnYT+/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c960187a49bd678a038fc0c88d7d900_JaffaCakes118

Files

0c960187a49bd678a038fc0c88d7d900_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71fb31dd45b794eaab537375cb0c9025

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
SendMessageA
RegisterClassExA
PostQuitMessage
CreateDialogParamA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnableWindow
GetDlgItem
CheckDlgButton
GetMessageA
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked

kernel32

Sleep
SizeofResource
LockResource
_lclose
LoadResource
FindResourceA
CreateThread
_llseek
_lopen
_lread
LocalFree
VirtualAlloc
lstrcatA
CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetFileSize
GetModuleHandleA
ReadFile
SetCurrentDirectoryA
SetFilePointer
SetUnhandledExceptionFilter
LocalAlloc
VirtualFree
WriteFile

comctl32

InitCommonControls

advapi32

RegOpenKeyA
RegQueryValueExA

winmm

waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
waveOutClose
waveOutWrite

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ