403fdc57caf549b39c003b16f7b64b3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

403fdc57caf549b39c003b16f7b64b3b_JaffaCakes118
Size

63KB
MD5

403fdc57caf549b39c003b16f7b64b3b
SHA1

fd36073137246a4227a73fb28d6eaeb211968eb3
SHA256

3c60e186c08b3f4ffbcec70ea229a4f3bff8fded0134105bf4193bac3dfc4d1a
SHA512

c0b4ad24e068cfbdb9e76fdecddb9645a9d30d185604cbf30373ef71c3f792a9b289e6f29c96be60b08084f693bada8c1fa57b259b4116a72fb93b4750b6166b
SSDEEP

768:vv8dUsYZEBIrvCCpU9Ut3Wz+EBjVGBVCxqEJXJxwPADx2CccdVqNOoXa6ykyaG3J:Y8r6wU9CGS6jVGpYJxwYsCcsfmngJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
403fdc57caf549b39c003b16f7b64b3b_JaffaCakes118

Files

403fdc57caf549b39c003b16f7b64b3b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7ddb50d40a75f095e048f400f9772c40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetPropW

ws2_32

recvfrom

msvcp120

_Cnd_init

dnutility

?utility_log@@YAXPBDHPB_WZZ

avcodec-55

avcodec_open2

avformat-55

avio_open

avutil-52

av_fifo_free

avdevice-55

avdevice_register_all

swscale-2

sws_scale

msvcr120

exit

shell32

SHGetFolderPathW

Sections

.MPRESS1
Size: 51KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE