24c6122b42ecff36ae64c99e04f48d65_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24c6122b42ecff36ae64c99e04f48d65_JaffaCakes118
Size

1.1MB
MD5

24c6122b42ecff36ae64c99e04f48d65
SHA1

8f686a469f75e695282dedb3e438615271e02158
SHA256

f081ba226c1f2a284c41448063589c18111580fbee4b2a8464e25ee9f86dd7d9
SHA512

2d3542406c4717b3ab9015d1fde28259b75a2ed80d36369159e9abec1a4132d93c66a2d012375347e54ad9510f1c2e69417330a213b433686765755bbb89e898
SSDEEP

24576:j4DDIKPiPgt0tdkqACbdupq2aqh6JkDbVskeAIzhU9ADl1DHDWOakM3c:jCIKv0bkqACdupqqDbWk/IzhkAbjW7c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24c6122b42ecff36ae64c99e04f48d65_JaffaCakes118

Files

24c6122b42ecff36ae64c99e04f48d65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c46c401ca3d4230f65932e8816b0a1e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

free

user32

IsChild

gdi32

BitBlt

comctl32

InitCommonControlsEx

ole32

CoInitialize

shell32

ShellExecuteExA

winmm

timeEndPeriod

Sections

Size: 988KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Denimus
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE