Static task: static1
Behavioral task: behavioral1
Sample: 646556311098fc9be35062c5de155f47_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 646556311098fc9be35062c5de155f47_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 646556311098fc9be35062c5de155f47_JaffaCakes118
Size: 380KB
MD5: 646556311098fc9be35062c5de155f47
SHA1: 492dbca6ab70ccc0a004bc07964a4324d135e5b4
SHA256: 51f99b124c3c3dcea22f6e96fe2583dea125b8a3a1674650ee9c474fbd513b2c
SHA512: 155d6ac7e4a57f14d2f40ac669b62d9a722e4f05b58f26f9ebae0b000301de08da86431f023c9117d2f6a9f21b7089021341797ceb931ccaaca5cae258f5c58d
SSDEEP: 6144:k3olZ0ICExh20JOk0poPRmi/dYZHvQV1C21VQlPrt7eLVWFE+tJ9qXCsGgz02yaH:KoD07UxJ6poPRmUdYZHC156L7E4pQ9Ai
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 646556311098fc9be35062c5de155f47_JaffaCakes118
Files
646556311098fc9be35062c5de155f47_JaffaCakes118.exe windows:4 windows x86 arch:x86
1854ee9d514502d5f7db823c80572195
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
mpr
WNetOpenEnumA
advapi32
StartServiceA
comctl32
ImageList_SetIconSize
oleaut32
SafeArrayPtrOfIndex
ws2_32
WSAIoctl
user32
CreateWindowExA
shell32
Shell_NotifyIconA
avicap32
capCreateCaptureWindowA
version
VerQueryValueA
wsock32
WSACleanup
winmm
waveOutWrite
gdi32
UnrealizeObject
msacm32
acmFormatChooseA
wininet
InternetReadFile
Sections
CODE Size: 368KB - Virtual size: 788KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
love Size: 50B - Virtual size: 50B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE