41b5a25c693dc84c51e66027f7bb422a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41b5a25c693dc84c51e66027f7bb422a_JaffaCakes118
Size

359KB
MD5

41b5a25c693dc84c51e66027f7bb422a
SHA1

87bc2631429b1c5df3c6a7881ee4ce679a6f346b
SHA256

49988d7b6e14741e76532afd71a2bfe1e8de19cf81b0d8fd80d6b733017359b8
SHA512

d2061a11ea9aa107c9cafd6b7a85b818775910004e519aeefa6ff8cc1733296dd2698d7af3e312cc083c8884367af38f70db5dc771542fe98fbed6c2687a29de
SSDEEP

6144:m3MpfGmCBypFJgjqok2e9/dQfJgnBfBIqArPhK5gvYAtock9jry+8PfE4PfumZq:m8pfSUpkDpIIGBfezrP0WYPcyjr/83Eb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41b5a25c693dc84c51e66027f7bb422a_JaffaCakes118

Files

41b5a25c693dc84c51e66027f7bb422a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a64cca754ba85bf3d8a12cd204698736

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wsock32

recv

winmm

PlaySoundA

user32

GetActiveWindow

gdi32

BitBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

DragFinish

shlwapi

PathFindExtensionA

oleaut32

VariantInit

wininet

InternetCanonicalizeUrlA

Sections

texticle
Size: 322KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE