Static task
static1
Behavioral task
behavioral1
Sample
02ebe55a769762b130884e733f9b6d6f_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
02ebe55a769762b130884e733f9b6d6f_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target: 02ebe55a769762b130884e733f9b6d6f_JaffaCakes118
Size: 431KB
MD5: 02ebe55a769762b130884e733f9b6d6f
SHA1: bbf3a9b2b33bb89798d5e8c0d04ce64cb8a4c93d
SHA256: 650565d27229d1996c41b5d39f74ac7aa4d899aa2dbaeaa83a3b89e2f1d67bc6
SHA512: 6d63b85a4f656ebe95c01709b013d48581bb516b29c1174715d52a343c8921be0724674726a4e66139a1302a2cf442aab38c511fe7951804960f94005389afe5
SSDEEP: 12288:lxm+pAIOn9zjkSzLI4qLjq6Mk5CXO+D/TQSqEvnf:JArpAcOjq6LC+6TQSqEvnf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02ebe55a769762b130884e733f9b6d6f_JaffaCakes118
Files
02ebe55a769762b130884e733f9b6d6f_JaffaCakes118.exe windows:4 windows x86 arch:x86
57ad9d6d04b76bda02b7a5d770e7206f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
VirtualProtect
GetModuleHandleA
GetProcAddress
user32
CharNextA
advapi32
RegCloseKey
oleaut32
SysFreeString
version
VerQueryValueA
gdi32
SaveDC
comctl32
ImageList_Add
shell32
ShellExecuteA
winmm
waveInOpen
avicap32
capCreateCaptureWindowA
msvfw32
DrawDibDraw
urlmon
URLDownloadToFileA
Sections
.text Size: 421KB - Virtual size: 716KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
520mm Size: 17B - Virtual size: 17B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE