161cb2c8b14d235f6229e5799fb85858_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

161cb2c8b14d235f6229e5799fb85858_JaffaCakes118
Size

592KB
MD5

161cb2c8b14d235f6229e5799fb85858
SHA1

31db12756354840bc0317566aeb4b3e7d8fc698d
SHA256

c7a31270928243d81c51d71be2e4aa93518a9c4f9279a18ee8e85144520605c8
SHA512

0d9d9070972c9bed57f1fbfe5a644ddba28807ec0567bf19d00f9149959d1563c5c8c88beeba6e1760e249a28018105c4a5bbc3cc64ef405f29c0d701b0535df
SSDEEP

12288:gGS7WyPIjA/7/4DU4lAmTh8Ywewu9hlaJRvn2sMv9CT+3cW:AHcDU4flwU9SPQ9CTJW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
161cb2c8b14d235f6229e5799fb85858_JaffaCakes118

Files

161cb2c8b14d235f6229e5799fb85858_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66a229dd5cf4e2a03ea425d157e65c7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

SaveDC

ole32

IsEqualGUID

comctl32

ImageList_Add

shell32

ShellExecuteA

wininet

InternetOpenA

urlmon

URLDownloadToFileA

oleacc

LresultFromObject

winmm

timeGetTime

Sections

.MPRESS1
Size: 564KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE