fd61314ebe34845ef4c0b376e1436396_JaffaCakes118 | Triage

Sharing

General

Target

fd61314ebe34845ef4c0b376e1436396_JaffaCakes118
Size

189KB
MD5

fd61314ebe34845ef4c0b376e1436396
SHA1

d601bb3786ab95a237447efb7f45274383475cd0
SHA256

1ec773d463b338b66eb013c4bd1391b007326140897712d7e785df2530acc2c5
SHA512

47826ea633b52055daec61b4516934f9e284ac6e324f18468a94f34de3fbae2ccd660538efc78b4f1bce6e406ee16b71d2ecc3bf5535e775754340a2d4079510
SSDEEP

3072:hJSl1ILq79YgHnp5Q3TQzPV/vnhs/Mv06Uw/JuhgBLII62FyUj1yc0XZ5V7Mylnb:hol1Yq7egJ2MzN/veIfp/YhgB1yUjUc+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd61314ebe34845ef4c0b376e1436396_JaffaCakes118

Files

fd61314ebe34845ef4c0b376e1436396_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ca4c0235b9438127f14741235db4b4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapePosition
FindClose
ClearCommError
GetWindowsDirectoryA
Sleep
GetLocalTime
EnumResourceNamesA
GetVersion
GetCurrentProcessId
FatalExit
InterlockedExchange
FindFirstFileA

user32

LoadCursorA
GetDC
GetWindowLongA
SetWindowLongA
ReleaseDC
GetDlgItem
MonitorFromWindow
ReleaseCapture
MoveWindow
FillRect
IsWindow
SetWindowPos
GetSysColor
SetCursor
SetCapture

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ