Static task: static1
Behavioral task: behavioral1
Sample: 0fe982dab28ec0ac8a2ee78abf4e81a8_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 0fe982dab28ec0ac8a2ee78abf4e81a8_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0fe982dab28ec0ac8a2ee78abf4e81a8_JaffaCakes118
Size: 383KB
MD5: 0fe982dab28ec0ac8a2ee78abf4e81a8
SHA1: 5cf19b1d521a3840371c24d250438df7afb3bf63
SHA256: d74724244ef670fad20b2bd7bf6401f38f29dc52c797f6a0df1b0de560e6ad78
SHA512: 65779de09a592e4927166cae89e219c91eac826d86c86d4e5fbe2ad5a19f341fb23bf717b47def8f993bc6bf169869c8316f8348550e04e54c61f5c95d8806b1
SSDEEP: 6144:99JAPkX7GBDMsbySHvY0qMME0p6+E4MicfDA50tN6v8QhUJx:93rXuvbyihBMBlE4bsDA5you
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0fe982dab28ec0ac8a2ee78abf4e81a8_JaffaCakes118
Files
0fe982dab28ec0ac8a2ee78abf4e81a8_JaffaCakes118.exe windows:4 windows x86 arch:x86
ec972a1b76646393fa0fc95613e5da2d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
advapi32
SetSecurityInfo
mpr
WNetOpenEnumA
winmm
waveOutWrite
shell32
Shell_NotifyIconA
wininet
InternetReadFile
avicap32
capCreateCaptureWindowA
user32
GetKeyboardType
gdi32
UnrealizeObject
ws2_32
WSAIoctl
wsock32
WSACleanup
oleaut32
SafeArrayPtrOfIndex
comctl32
ImageList_SetIconSize
version
VerQueryValueA
msacm32
acmFormatChooseA
Sections
CODE Size: 371KB - Virtual size: 812KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
love Size: 50B - Virtual size: 50B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE