Static task
static1
Behavioral task
behavioral1
Sample
2aa1acbff94e2395d7ce3a2719607838_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2aa1acbff94e2395d7ce3a2719607838_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
2aa1acbff94e2395d7ce3a2719607838_JaffaCakes118
Size
275KB
MD5
2aa1acbff94e2395d7ce3a2719607838
SHA1
ba83fed3dbac60722b2abe437371ac2919fbcc53
SHA256
9ce6c265c8f705f04432f97139e25009cf5d91da0c8f7344a48049aaf2d2b2e8
SHA512
de4ba71c6976b2edd200ae1f80e3bc520dd09d2c6254aae0a2d0ed70520739372c68add406530b2ec5ba52bfe745fe91bce9b621433e803c3a5356bf6b960b0d
SSDEEP
6144:g6bbVYe4Nf2tm+iHp2tQOZgLCw6oKlD80uVVVdBuAqbc8:gmbVYeiSAp2COZ9wdKlDdux
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2aa1acbff94e2395d7ce3a2719607838_JaffaCakes118
Files
2aa1acbff94e2395d7ce3a2719607838_JaffaCakes118.exe windows:4 windows x86 arch:x86
98c7fcc7ada7539adc2f157df20eee3b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
winmm
waveOutWrite
msacm32
acmFormatChooseA
wsock32
WSACleanup
shell32
Shell_NotifyIconA
advapi32
SetSecurityInfo
comctl32
ImageList_SetIconSize
version
VerQueryValueA
oleaut32
SysFreeString
user32
GetKeyboardType
ws2_32
WSAIoctl
mpr
WNetOpenEnumA
gdi32
UnrealizeObject
avicap32
capCreateCaptureWindowA
wininet
InternetReadFile
Sections
CODE Size: 262KB - Virtual size: 808KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
love Size: 50B - Virtual size: 50B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE