50188d2d0da30dcc6cdf744181c83f21_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50188d2d0da30dcc6cdf744181c83f21_JaffaCakes118
Size

176KB
MD5

50188d2d0da30dcc6cdf744181c83f21
SHA1

b0a345b4c6bf6644905925e536eb22bc9508013e
SHA256

f7d5ee911e44fcc768994ca71f803a88f86a51c68d16467f24f18919cca6ac58
SHA512

4d4e057831d9bc10d37f65acf75d964820820d78e54cdd0695903c4d672e9cc3149d97905c5d55de76dd5bde0f11fd9533d3e64096bcd318e17ee390401b198e
SSDEEP

3072:MTngM/Zk4T1NeFO1gcJVWyN/ArMUQqfiiKJ8SEsp9b1f5ibNssOCacyC0A:MTgM/BT10EVJT/ArMRtlmSD3bjiB8YR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AIM-CSS-v0.6.exe

Files

50188d2d0da30dcc6cdf744181c83f21_JaffaCakes118
.rar
AIM-CSS-v0.6.exe
.exe windows:4 windows x86 arch:x86

9c412435eadbb8f5c28091b1603484ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

IsDialogMessageA

gdi32

CreateBitmap

comctl32

ord17

shlwapi

PathFindFileNameA

oleacc

LresultFromObject

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueExA

oleaut32

VariantInit

Sections

.text
Size: 159KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE