Static task: static1
Behavioral task: behavioral1
  Sample: 2cb8e890a0a9010d060bd55974bf6a29_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2cb8e890a0a9010d060bd55974bf6a29_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
Target: 2cb8e890a0a9010d060bd55974bf6a29_JaffaCakes118
Size: 381KB
MD5: 2cb8e890a0a9010d060bd55974bf6a29
SHA1: ba2a238b1290d3a4f6880c6523acbabc2eb483ee
SHA256: 00072954a03ff661a53d8c48036669601b986e9c4dc6a295ede82513d93fb073
SHA512: 9cbbdb3326b9e709604386d3a8bcd1d6f06f4ef764991cee221370e705583e1466a21fffe3ff6815802dc26eb23c75c6d9df49dd79e757d732486533ff502919
SSDEEP: 6144:xwQjf21eWEol0jRah4ywW2H+yTEzKF2X9Mq/nwMDYeBcmumMuanDcbFcxe2Mx:xwQW5ekrwW2H+yTkK0ODMDYeBrum1aDr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2cb8e890a0a9010d060bd55974bf6a29_JaffaCakes118
Files
2cb8e890a0a9010d060bd55974bf6a29_JaffaCakes118.exe windows:4 windows x86 arch:x86
651b6c56f2024767f93a61b332bb0e04
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ws2_32
WSAIoctl
winmm
waveOutWrite
wininet
InternetReadFile
comctl32
ImageList_SetIconSize
advapi32
StartServiceA
oleaut32
SafeArrayPtrOfIndex
avicap32
capCreateCaptureWindowA
user32
GetKeyboardType
gdi32
UnrealizeObject
shell32
Shell_NotifyIconA
mpr
WNetOpenEnumA
version
VerQueryValueA
wsock32
WSACleanup
msacm32
acmFormatChooseA
Sections
CODE Size: 368KB - Virtual size: 808KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
love Size: 50B - Virtual size: 50B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE