6674e52a3be908e3d83c4a2815e58542_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6674e52a3be908e3d83c4a2815e58542_JaffaCakes118
Size

31KB
MD5

6674e52a3be908e3d83c4a2815e58542
SHA1

aa93445758877272c15586de7cb1c41c91a14bac
SHA256

3fbde9fb49e0bf2bc47f7075e42833dcdbb9454f6031d524489916c5195557ca
SHA512

0f2f58ef749dbe684d5b5e07a0c831a2fb9163aedc550548e12b77a8809fd7b1cfd77be114d347ddb3129358273539d5b012e57e8e60bc7df27ae28a7dc4969b
SSDEEP

768:QjmRyS35CARM4cMZhCUxvPZj7Dh3Fkclo7:QjmL3MARz9ZcUxZF3Fkclo7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6674e52a3be908e3d83c4a2815e58542_JaffaCakes118

Files

6674e52a3be908e3d83c4a2815e58542_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd09f04046df5da3c8bcd261167f0828

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

BitBlt

advapi32

FreeSid

shell32

Shell_NotifyIconA

setupapi

SetupDiGetClassDevsA

winmm

mixerOpen

hid

HidP_GetCaps

Sections

.MPRESS1
Size: 18KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE