33c797151915d5eeff30a3732f9b581c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33c797151915d5eeff30a3732f9b581c_JaffaCakes118
Size

265KB
MD5

33c797151915d5eeff30a3732f9b581c
SHA1

0903daf5b3764ee8cdf7e5c570c745e237e7714f
SHA256

bc3bc714d7606ef567a8b72d04274dcf7faf9923153c6eeaf7bc8dce41b2e441
SHA512

7ae550819fe35181ecea219e958c4125ff94b5af340fa6ece487b65bf32d8a0777a5e4ce3c2299dffbacfe5459defa42f8b2ef1b924ea04b36443d54530dddd7
SSDEEP

6144:aXFbE+9GyFWAme/OQeWIZpy3jlxZEzsD+ITPvHfL90:aPl7mebdgwZxZ7+ITnHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33c797151915d5eeff30a3732f9b581c_JaffaCakes118

Files

33c797151915d5eeff30a3732f9b581c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

687c39fabe3e9063ca417348e6afcec7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetUserA

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

InternetReadFile

winmm

waveInUnprepareHeader

netapi32

Netbios

avicap32

capCreateCaptureWindowA

msvfw32

DrawDibDraw

urlmon

URLDownloadToFileA

ws2_32

gethostname

Sections

CODE
Size: 254KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE