Static task: static1
Behavioral task: behavioral1
Sample: 159feb7322e3b43356f71bea36a852de_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 159feb7322e3b43356f71bea36a852de_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 159feb7322e3b43356f71bea36a852de_JaffaCakes118
Size: 1.5MB
MD5: 159feb7322e3b43356f71bea36a852de
SHA1: 2f0dd5dbed412872b2c1fe05e70cc70cf5c8ce45
SHA256: d26fbd17152a44ee9608a96dd95f19d66585ab6bf138f6326b51b4ff3db8470c
SHA512: 77092badf24047821a33c010da7eb4130f1305132fda60c76ac30bd0159463f4ed904a79fe4cc768508485592dfb5e160ec4385fb326cccfcbfee3d1a46293a5
SSDEEP: 24576:feXErjboSwYvhlHZkFVPNxC5eoNnVNh6v5z/4aZrmSNk9tdf8RCoycZGWS:73bPrvnHZkFVVCnF6xz/4KUXYvS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 159feb7322e3b43356f71bea36a852de_JaffaCakes118
Files
159feb7322e3b43356f71bea36a852de_JaffaCakes118.exe windows:4 windows x86 arch:x86
2a42767be8538c0f12f9b580cf96371a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
winmm: PlaySoundA
ltfil10n: ord105
ltimg10n: ord117
ltkrn10n: ord133
lttwn10n: ord103
ltdis10n: ord139
ltdlg10n: ord104
ltefx10n: ord102
user32: IsDlgButtonChecked
gdi32: OffsetRgn
comdlg32: GetFileTitleA
winspool.drv: ClosePrinter
advapi32: RegQueryInfoKeyA
shell32: SHAppBarMessage
comctl32: ord17
shlwapi: PathFindExtensionA
oledlg: ord8
ole32: CreateILockBytesOnHGlobal
oleaut32: SafeArrayDestroy
msvfw32: DrawDibRealize
version: GetFileVersionInfoA
Sections
.text Size: 1.4MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE