JaffaCakes118_132e6e3a52d8e906dfc0bf01bf4fc0aa | Triage

Sharing

General

Target

JaffaCakes118_132e6e3a52d8e906dfc0bf01bf4fc0aa
Size

192KB
MD5

132e6e3a52d8e906dfc0bf01bf4fc0aa
SHA1

a5a0f20cf2774734c76482517f741fdb2f3a1c3a
SHA256

6565370e18eb38e28796bb5389e5a3e08f02107d5884eecbe7ec6674b2c8b1ff
SHA512

7aeab926b6022cd52860042bdf25aa895793ee5e077258356a132b5d186d5622cbcbee185b36fd51546143f3fdd7c352822b5d9f50042717596bb6251798c83a
SSDEEP

6144:jmZM2Oas8lb2B3h4r5omET1gTjqgLoYfv2nRTkVQTy/:aZM+NwhK5ob10LQnRIVQTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_132e6e3a52d8e906dfc0bf01bf4fc0aa

Files

JaffaCakes118_132e6e3a52d8e906dfc0bf01bf4fc0aa
.exe windows:4 windows x86 arch:x86

59ac6f0c7af8b766beb245be85db5810

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

SetTapePosition
GetWindowsDirectoryA
ClearCommError
GetLocalTime
GetCurrentProcessId
InterlockedExchange
GetVersion
EnumResourceNamesA
FatalExit
Sleep
FindClose
FindFirstFileA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

LoadCursorA
SetWindowPos
GetSysColor
ReleaseCapture
FillRect
SetWindowLongA
MoveWindow
GetWindowInfo
GetDC
ReleaseDC
SetCursor
GetWindowLongA
GetDlgItem
IsWindow
SetCapture

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ