390761f0050295d2df63827db5666070_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

390761f0050295d2df63827db5666070_JaffaCakes118
Size

311KB
MD5

390761f0050295d2df63827db5666070
SHA1

c36c4856e21e4c4bea3c36f2beaade913d831d89
SHA256

fd21c6f6c11e29954c20bbe849c02518dc65f71bb080d8adff79128a012dfa0e
SHA512

5f1116e985c60cbfaf4551ad732978c07575442bf9f066f2b1d0bc52f3eede59ac3c42ea88a9e26a66572b03f4a7f1a5e3a4e60d21540d2d7b0300c0d58a5cef
SSDEEP

6144:gtjOvK05B0fedevqxxIDslJlThTWwUnG783M/:6TcB0fedQqHxMwUnGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390761f0050295d2df63827db5666070_JaffaCakes118

Files

390761f0050295d2df63827db5666070_JaffaCakes118
.exe windows:5 windows x86 arch:x86

05fd35284c5b08851956a8f081575e1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

WSACleanup

winmm

mixerOpen

version

VerQueryValueW

comctl32

ord17

user32

GetDC

gdi32

BitBlt

comdlg32

GetOpenFileNameW

advapi32

RegCloseKey

shell32

DragFinish

ole32

CoGetObject

oleaut32

SafeArrayUnaccessData

Sections

.MPRESS1
Size: 283KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE