edd2a145c1c8dc71f3a8fdc952cb4ef2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edd2a145c1c8dc71f3a8fdc952cb4ef2_JaffaCakes118
Size

171KB
MD5

edd2a145c1c8dc71f3a8fdc952cb4ef2
SHA1

fa7a29091ec88d8409ca0a625f10b04d2d0364ea
SHA256

e4fd4753caa50a0b4a48458732cecd3921979488eb760a312cd4604d982b6c02
SHA512

d74eab70e454643c2c008cb62203a2c809df0808c30635d303bed8587f0659772a8884a6a9fda9c91b051131703ca1325a3073731dd09f5cd995ee46b57cd1df
SSDEEP

3072:vzOJkqRVqH1xmon6By+MeqrdN8kZXP92VT4WOemZlZ9ZVyiO:q6+iSavtrdNVXG0WOhHDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edd2a145c1c8dc71f3a8fdc952cb4ef2_JaffaCakes118

Files

edd2a145c1c8dc71f3a8fdc952cb4ef2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3291fdcc7276f096f56e526cc3dd9dab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess

winmm

waveOutPrepareHeader

ddraw

DirectDrawCreateEx

user32

GetClientRect

gdi32

StretchDIBits

Sections

pec1
Size: 59KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ