f72da0d7dcff4f18bbd4b066ff763250_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f72da0d7dcff4f18bbd4b066ff763250_JaffaCakes118
Size

810KB
MD5

f72da0d7dcff4f18bbd4b066ff763250
SHA1

d97f1b99f121defb37ec226213c07fd1f713c4f9
SHA256

e6223b8a68bb750e9c97496f8647f1721c266e6b6e8a3a8707d4d9ac83bd7d45
SHA512

57c780ae22a931c36875735b0eb42438275b3facd4aab77023316a4ddd5d243d71b0e3eb774b41a98c8bcb354a44eb16dd3b1cea95d3c40c06a182896250b48f
SSDEEP

12288:6oQemWNhb0B6HRusv6RUO9F0m9DA0mDL691JScc58UAfX7eNxcHaZhdLQ+pEfTZh:1QemahbTRp3nwJ108X7eNxcHWdLQ+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f72da0d7dcff4f18bbd4b066ff763250_JaffaCakes118

Files

f72da0d7dcff4f18bbd4b066ff763250_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91276fee2dcd0bb288b0467b9a0e34b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegOpenKeyA

comctl32

ImageList_GetIcon

gdi32

ExtSelectClipRgn

msacm32

acmStreamPrepareHeader

netapi32

Netbios

oleaut32

VariantTimeToSystemTime

olepro32

OleCreateFontIndirect

shell32

ShellExecuteA

user32

BeginPaint

version

VerQueryValueA

winmm

mixerGetLineInfoA

winspool.drv

OpenPrinterA

wsock32

send

comdlg32

GetOpenFileNameA

ole32

StgCreateDocfileOnILockBytes

oledlg

OleUIBusyA

urlmon

URLDownloadToFileA

Sections

.text
Size: 772KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE