33c117b0de8bc84177d74feaad5ea511_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33c117b0de8bc84177d74feaad5ea511_JaffaCakes118
Size

216KB
MD5

33c117b0de8bc84177d74feaad5ea511
SHA1

a6544abcc9649684f54c111b02fb9d9396bcbd20
SHA256

ef9ca61cb6ec29239956dbe88fddbfa2917d8624543ce37c8e34f4b8dcba2284
SHA512

3e172bbc9eb9961013ff4a897b2f133cf9b8c45916253abb38060bdd38653905d4dbdcbf08cfb90b454c8018463d63e239e39e0f8a0400b98a41b7820081c9ec
SSDEEP

3072:xCtbD0Xv5Yyg9+eKKS2wBHFuGsuvGhm8PLsE6K2QgMc1rmkDvp7N6uJuCNraKiwx:g8uhKDHcaOs8DLP1gDrpoOv+Ah

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33c117b0de8bc84177d74feaad5ea511_JaffaCakes118

Files

33c117b0de8bc84177d74feaad5ea511_JaffaCakes118
.exe windows:5 windows x86 arch:x86

883f930ded125812635f0275cf5da15a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

PlaySoundA

core

VulanUnHookDll

user32

CharNextA

gdi32

SetWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueExA

shell32

Shell_NotifyIconA

shlwapi

PathFindExtensionA

oledlg

ord8

ole32

CoFreeUnusedLibraries

oleaut32

SysAllocString

wininet

InternetCanonicalizeUrlA

Sections

.text
Size: 199KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE