Static task
static1
Behavioral task
behavioral1
Sample
314d642883393a7356c2bfe142663112_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
314d642883393a7356c2bfe142663112_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target: 314d642883393a7356c2bfe142663112_JaffaCakes118
Size: 403KB
MD5: 314d642883393a7356c2bfe142663112
SHA1: ab075a225eec55ba6932c7059bde23db4dac359a
SHA256: 58e5633f8d8bc0c5f0129e1944a86fc7e02c82cfc672654c01ddb27c437d7f14
SHA512: ac59fcca32a4c66f837880505789eb0bcfd7994f8a7fdc2d135eeb659e0784aba7404b6909d8dd9871d4481ec4597485263db71c6fde5651e4b65b1cbdb2561d
SSDEEP: 6144:vKw+ueZ3PJC4XzkRGEpzTtzX0f+GXRSScSRFBC3n9QSexiuQaotfku/k7az5QFhF:ijuqg+wR9zT4NBC3nURct5exya0dR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 314d642883393a7356c2bfe142663112_JaffaCakes118
Files
314d642883393a7356c2bfe142663112_JaffaCakes118.exe windows:4 windows x86 arch:x86
593f96e5c3b9f1e5d67f0d8fbdbd59ca
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
version
VerQueryValueA
wininet
InternetReadFile
oleaut32
SafeArrayPtrOfIndex
advapi32
SetSecurityInfo
user32
GetKeyboardType
wsock32
WSACleanup
msacm32
acmFormatChooseA
gdi32
UnrealizeObject
ws2_32
WSAIoctl
comctl32
ImageList_SetIconSize
winmm
waveOutWrite
shell32
Shell_NotifyIconA
mpr
WNetOpenEnumA
avicap32
capCreateCaptureWindowA
Sections
CODE Size: 391KB - Virtual size: 860KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
love Size: 50B - Virtual size: 50B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE