Static task
static1
Behavioral task
behavioral1
Sample
92574701873eb951872a892b1814fc50_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
92574701873eb951872a892b1814fc50_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
92574701873eb951872a892b1814fc50_JaffaCakes118
-
Size
128KB
-
MD5
92574701873eb951872a892b1814fc50
-
SHA1
9d875b67373f2897cdb47dcfe99767f635e3c21a
-
SHA256
b16f8bd2845ab2175f420303d8db4159057681c5b3bfd89ead20e06b78c85922
-
SHA512
868b9a69b0fcbdf1103b94bc5567744f1b7d0aa02ac61fe1cf3a5616b286958943a0704e00d14b46ef6fde2b18f97fc259a1742aa2cae485599b9b48bcd64e8c
-
SSDEEP
3072:pvcIAH/PxMffKaoSZRFGap3MVVcyu8ZM:Wt/PxAcg3+cyr
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature: this PE is unsigned, so its publisher and integrity cannot be verified from a signature.
resource 92574701873eb951872a892b1814fc50_JaffaCakes118
Files
-
92574701873eb951872a892b1814fc50_JaffaCakes118.exe windows:4 windows x86 arch:x86
0868b2430af5331449585c26c4e77b9e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
GetDC
advapi32
RegCloseKey
shell32
DragQueryFileW
ole32
OleRun
veautility
??0CAuiResource@VEA@@QAE@XZ
msvcp60
??0_Lockit@std@@QAE@XZ
xmlwrapper
_XmlParser_CreateObject@8
magcore
Mag0Inter
magpcmac
Mag0FSRRelease
msvcrt
rand
magappframework
??1CMagApp@@UAE@XZ
utmemuimgrengine
ord2
gdi32
DPtoLP
oleaut32
GetErrorInfo
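Sections
Note: the section names .MPRESS1 and .MPRESS2 are the defaults written by the MPRESS packer, and each DLL under Imports lists a single function, which is consistent with a packed file. The import list and section sizes here probably describe the packer stub rather than the unpacked program.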
.MPRESS1 Size: 57KB - Virtual size: 232KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE