JaffaCakes118_428294be76f32616ddfae8aa38f15f37 | Triage

Sharing

General

Target

JaffaCakes118_428294be76f32616ddfae8aa38f15f37
Size

201KB
MD5

428294be76f32616ddfae8aa38f15f37
SHA1

5b692612176dd7eb40f6c71578380b49a75b6c57
SHA256

ee77f481606f6571a985dbbf50e101449a7546bc35bf71216fd351ec741ac991
SHA512

bfa6b97edef6031de6d043a5d83daca88e2d38e7b602e072bfeae7041056c7378524d53322f194d2137515ea7a5d85270fc8a11822ec86e6ef06536def289491
SSDEEP

3072:JYPVYaCbrH77ZzdfTYJ1U8e+czCeC19pVIovkh5a5MIDDOHs6kz5UEJIr0y:6VYaW7Jd87RPeCTsqk3VIWqU7rF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_428294be76f32616ddfae8aa38f15f37

Files

JaffaCakes118_428294be76f32616ddfae8aa38f15f37
.exe windows:4 windows x86 arch:x86

9ce0a1b888c32f15aebe3d30211b7390

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mciSendCommandA
sndPlaySoundA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

SetTapePosition
GetVersion
ClearCommError
InterlockedExchange
GetWindowsDirectoryA
GetCurrentProcessId
Sleep
EnumResourceNamesA
FatalExit
FindClose
GetLocalTime
FindFirstFileA

user32

FillRect
GetDlgItem
ReleaseCapture
GetSysColor
SetWindowPos
ReleaseDC
SetCursor
IsWindow
MonitorFromWindow
MoveWindow
SetWindowLongA
LoadCursorA
GetDC
GetWindowLongA
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ