febbb4ae834cdaf431ccd431312929f1_JaffaCakes118 | Triage

Sharing

General

Target

febbb4ae834cdaf431ccd431312929f1_JaffaCakes118
Size

191KB
MD5

febbb4ae834cdaf431ccd431312929f1
SHA1

462e75001e6e706cec3e8cafb9a3712ff1d405fe
SHA256

154824672670cccfa20288994f9082374eb0a1f37c69cbe25558eb9d7bf9d3f0
SHA512

f71009dfc9c209ec0d44347897b17d057493b14a747ca4ebc993aa6c3f1d038f221a6526235c16077b7b011f7c6749ce882011dc8bd110792a413841a8123135
SSDEEP

3072:kaRbPvBJP/kSNvypwVEVaP4HjApRf3cO5mfegwVtF9Yd1c3Q8WqMkUnAK+iD3I:JvHXkS1ypwVIa+MpRf3cO5mfsVn9Y0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
febbb4ae834cdaf431ccd431312929f1_JaffaCakes118

Files

febbb4ae834cdaf431ccd431312929f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50122fb75ea1fe90e8a4f149eb182cc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

user32

GetDlgItem
SetWindowLongA
FillRect
GetSysColor
MonitorFromWindow
ReleaseCapture
ReleaseDC
IsWindow
SetWindowPos
GetDC
GetWindowLongA
SetCursor
LoadCursorA
MoveWindow
SetCapture

kernel32

SetTapePosition
GetCurrentProcessId
ClearCommError
GetVersion
InterlockedExchange
Sleep
FindClose
EnumResourceNamesA
FatalExit
GetLocalTime
GetWindowsDirectoryA
FindFirstFileA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ