Static task: static1
Behavioral task: behavioral1
Sample: 6a9ba386f9a1e5197209e11fb4999815_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 6a9ba386f9a1e5197209e11fb4999815_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 6a9ba386f9a1e5197209e11fb4999815_JaffaCakes118
Size: 381KB
MD5: 6a9ba386f9a1e5197209e11fb4999815
SHA1: 4b6c16da00e87295779e4d954199779912650584
SHA256: b380f234dcea6923eef7c0a25e34506024adb59b24be2089b6c3eaabe2d80293
SHA512: 6afeb57afafdccf82c0c13babe52e663514d2233b19fd41baca0bb57e3089a10451735b288d40b29f7aeb5e1332a9739f382cae72f57142291f7d869b404d1ff
SSDEEP: 6144:LwYXYgBWZqR1bhoEpmqymmj9ZVBGrQWnvmmAK+dZBgrQvRF5kCpLnJcTXAKAlnVj:LbWZqr9oqmq6jSrzhuZB7r5kULnJcTwB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a9ba386f9a1e5197209e11fb4999815_JaffaCakes118
Files
6a9ba386f9a1e5197209e11fb4999815_JaffaCakes118.exe windows:4 windows x86 arch:x86
feab1afd160daf5923db86e3733bde8a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
CreateWindowExA
ws2_32
WSAIoctl
advapi32
RegQueryValueExA
wininet
InternetReadFile
shell32
Shell_NotifyIconA
mpr
WNetOpenEnumA
comctl32
ImageList_SetIconSize
oleaut32
SysFreeString
msacm32
acmFormatChooseA
wsock32
WSACleanup
gdi32
UnrealizeObject
winmm
waveOutWrite
version
VerQueryValueA
avicap32
capCreateCaptureWindowA
Sections
CODE Size: 368KB - Virtual size: 816KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
love Size: 34B - Virtual size: 50B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE