18c533e9c405aad8badef11743209183_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18c533e9c405aad8badef11743209183_JaffaCakes118
Size

1.0MB
MD5

18c533e9c405aad8badef11743209183
SHA1

fa75c9acd900f7a67a8591cc9fc0add9d3fe42da
SHA256

cd913fd6ca1f9cd9201dfd9edc73ca8cadadfc7a3fa788a2f445c3997fe82fc6
SHA512

12b0cfdd2df282912e05958bd832f6485927fb912944dff37146e26fbe7bec1585aa531177fc9424f4b629e77d4e97557751e08f76136e2ca476e7d60cd5055f
SSDEEP

24576:rpu08rR4dkkur79l7082izxMlFhHklxXMyQiS0wT7/3xwlR8W:rpvyR4dSr7jdM5kvcy/q/heF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18c533e9c405aad8badef11743209183_JaffaCakes118

Files

18c533e9c405aad8badef11743209183_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3faf005f3205ad7d4a9b679b7eadcbec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

midiStreamClose

ws2_32

WSAStartup

version

VerLanguageNameA

rasapi32

RasGetConnectStatusA

user32

GetSysColorBrush

gdi32

CombineRgn

winspool.drv

ClosePrinter

comdlg32

ChooseColorA

advapi32

RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CoGetClassObject

oleaut32

VariantChangeType

comctl32

ImageList_Draw

oledlg

ord8

wininet

InternetCanonicalizeUrlA

Sections

.text
Size: 1.0MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE