3dd927bbd73e4436f8cf12e770dc9bd1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dd927bbd73e4436f8cf12e770dc9bd1_JaffaCakes118
Size

199KB
MD5

3dd927bbd73e4436f8cf12e770dc9bd1
SHA1

957f07c175218dd73468b957f1bac75f2b196935
SHA256

9f3bb59c3b5684efe6b36f2bbcbba8e1449b5588c89eb6fb7a458f355a17ee69
SHA512

bdee16cfd26e43b9ad3b3172b2b367b3492f1b0ca177ce609a06308664254c32d551abfcb117000dc29b957946d83dd81a65b9ddee0dbc04e2a317ed1f472cd3
SSDEEP

6144:RCixwTEY8EDNc7/Zg6ZF8mX953mlm4oH/:aCkNczZxZOmLy6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dd927bbd73e4436f8cf12e770dc9bd1_JaffaCakes118

Files

3dd927bbd73e4436f8cf12e770dc9bd1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70e43114437cd1847d589c852f16252a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetDC
ReleaseDC
GetWindowInfo
GetDlgItem
SetWindowLongA
GetSysColor
FillRect
IsWindow
LoadCursorA
GetWindowLongA
ReleaseCapture
SetWindowPos
MoveWindow
SetCursor
SetCapture

kernel32

SetTapePosition
GetLocalTime
ClearCommError
FindClose
InterlockedExchange
Sleep
EnumResourceNamesA
GetVersion
GetWindowsDirectoryA
FatalExit
GetCurrentProcessId
FindFirstFileA

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ