4a18fa2bcbecf9106a86c1c7847ee449_JaffaCakes118 | Triage

Sharing

General

Target

4a18fa2bcbecf9106a86c1c7847ee449_JaffaCakes118
Size

176KB
MD5

4a18fa2bcbecf9106a86c1c7847ee449
SHA1

95957a0bec6a9a0645c5c6e6d592b72590acc959
SHA256

1b5e96834951aa893ddef85e8e83176d4a3e81773afd9dbfaa89303856ae0f7c
SHA512

a15c66bfd66b189a958d826e94f9a245f60316cca1b24437e80af19dafc6576cdf2f4ce3fbbc2132a199f8f1fcfca211bc8b904426d86544f14e466fb9d25367
SSDEEP

3072:9ZkWhDdq4L2zfNkZkBT1NeFO1gnJHWyNGObjj7bbVzr8vKPNn5NxbnzwS3X12bss:9NhDdBLENkcT10EeJ9Rjj7nVf8vszxbA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3677_heart_aimlol.exe

Files

4a18fa2bcbecf9106a86c1c7847ee449_JaffaCakes118
.rar
3677_heart_aimlol.exe
.exe windows:4 windows x86 arch:x86

9c412435eadbb8f5c28091b1603484ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

IsDialogMessageA

gdi32

CreateBitmap

comctl32

ord17

shlwapi

PathFindFileNameA

oleacc

LresultFromObject

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueExA

oleaut32

VariantInit

Sections

.text
Size: 159KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE