0963f5b6770aff5357f11a636d53c074_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0963f5b6770aff5357f11a636d53c074_JaffaCakes118
Size

569KB
MD5

0963f5b6770aff5357f11a636d53c074
SHA1

0323a8ff51a33d345c86d9458c677a31b8bae390
SHA256

a669d4d57fb1dec7a2676fc2c799bb841b729b45130b4c342dc68efc00234335
SHA512

aebde49049334c168c3d08da1fd5728c2035eab8b6a885ead086d08d58f0f1752b5c920877a757012f3364e8a3fe157c79f3d564532157ad201dc9dc55709def
SSDEEP

12288:3A8pB7oSaf4GS8+pfwFr1XpR7ID0xbp/sv5KkOejWg0h/2f:3cv1S8+pfwZ15Rw032KkOejW/1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0963f5b6770aff5357f11a636d53c074_JaffaCakes118

Files

0963f5b6770aff5357f11a636d53c074_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f0e0dd0edb0befdf4db58fcddc524d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetForegroundWindow

gdi32

GetTextMetricsA

winmm

midiOutReset

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

comdlg32

GetFileTitleA

Sections

.text
Size: 553KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE