JaffaCakes118_7461cb402511b83c66b8c729a6a1ba1d | Triage

Sharing

General

Target

JaffaCakes118_7461cb402511b83c66b8c729a6a1ba1d
Size

175KB
MD5

7461cb402511b83c66b8c729a6a1ba1d
SHA1

a866cad40fff8d69b0e9a8695f2a3a2c67c36cbc
SHA256

cf23ed684b64764c7d9ba42426915feb545784fad0c805c552da8b036c06a9c9
SHA512

a40ca99fbd684125237b7a213bbe2fcfbd1f18639647b73ac9bb1481aa161e749c73783ca808ed1173d1f5eb56dc328b0e60f67ce8069b0e8c6775c7ec829063
SSDEEP

3072:bPT3AEuuvm+z8D1Hi1ok9Cm6AOBgILORZwVT5o1EZl70JV4m0/nV5:3Auvvz4Hi22ylBfK83fZl7Rt5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7461cb402511b83c66b8c729a6a1ba1d

Files

JaffaCakes118_7461cb402511b83c66b8c729a6a1ba1d
.exe windows:4 windows x86 arch:x86

6aa3f8321d761b4627532abff0b32137

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ReleaseCapture
LoadCursorA
MonitorFromWindow
SetWindowPos
GetWindowLongA
MoveWindow
GetDlgItem
SetCursor
IsWindow
FillRect
ReleaseDC
GetDC
SetWindowLongA
GetSysColor
SetCapture

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

SetTapePosition
FindClose
ClearCommError
Sleep
GetCurrentProcessId
GetLocalTime
InterlockedExchange
EnumResourceNamesA
FatalExit
GetVersion
GetWindowsDirectoryA
FindFirstFileA

oleacc

LresultFromObject
CreateStdAccessibleObject

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ