JaffaCakes118_1fb7fc9d81bd33551df132bea26bd15a | Triage

Sharing

General

Target

JaffaCakes118_1fb7fc9d81bd33551df132bea26bd15a
Size

183KB
MD5

1fb7fc9d81bd33551df132bea26bd15a
SHA1

8ff9701bea9b9fcb24bb6e9b5dbcbfa491608c4b
SHA256

f30ecd3b615bd035fd637393d72651d50bb50038711605383ac113c496bae059
SHA512

234187f76519f28db09bd2210097b422556c9a82cc2d5a573d6761c766b34096ec3a713aeb92d50aeb7129ff5942022e629235ff09b85b9a0351056c90a65a01
SSDEEP

3072:FPtYq2Qpzi0kjLKs41P2lKq5KlaqBnakrBliXvtYhWEgPdn2kZIBJr+vYsWSYLj:b2d0kjWFEKIOiXFY0n2FDBr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1fb7fc9d81bd33551df132bea26bd15a

Files

JaffaCakes118_1fb7fc9d81bd33551df132bea26bd15a
.exe windows:4 windows x86 arch:x86

29957cc646f31eabe62e5cbf05756dd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

SetTapePosition
GetWindowsDirectoryA
ClearCommError
FindClose
GetLocalTime
Sleep
EnumResourceNamesA
GetCurrentProcessId
FatalExit
InterlockedExchange
GetVersion
FindFirstFileA

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

user32

GetDC
MoveWindow
LoadCursorA
FillRect
SetWindowLongA
GetWindowLongA
SetWindowPos
GetDlgItem
ReleaseCapture
SetCursor
MonitorFromWindow
GetSysColor
IsWindow
ReleaseDC
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

winmm

mciSendCommandA
sndPlaySoundA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ