3ec7b86ed8a49064c5aa141847745279_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ec7b86ed8a49064c5aa141847745279_JaffaCakes118
Size

174KB
MD5

3ec7b86ed8a49064c5aa141847745279
SHA1

7533d279df4c0d95bdff70142753bfb84a7734ee
SHA256

c5e6ca8bea0d431f3bbfebc9bfcc8ceecbd17912fd86ff52a63561149efa0f61
SHA512

b50cf8155aa86f4313ec327d01555a5144604af10e2e3bb4946e38e90c844defc83c5cf96f893c340f1fbfe5712f29f8680f1a460ceb022d7230354354134928
SSDEEP

3072:dR20SdJ2UWf2NxjFuyRSJOeorKCpoUlTqp8cAX1DqkimSbZpd:L20S72UWf2Nxpfeo3lyAX1DMzFL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ec7b86ed8a49064c5aa141847745279_JaffaCakes118

Files

3ec7b86ed8a49064c5aa141847745279_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fe956c0cbd2ae0ab591b5fc46205403

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetWindowLongA
GetSysColor
MonitorFromWindow
LoadCursorA
SetCursor
MoveWindow
SetWindowPos
FillRect
ReleaseCapture
GetDC
GetDlgItem
SetWindowLongA
ReleaseDC
IsWindow
SetCapture

kernel32

SetTapePosition
GetWindowsDirectoryA
ClearCommError
GetLocalTime
FindClose
Sleep
InterlockedExchange
EnumResourceNamesA
GetVersion
FatalExit
GetCurrentProcessId
FindFirstFileA

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ