7072e1112f59041daa6948fdda2f6983_JaffaCakes118 | Triage

Sharing

General

Target

7072e1112f59041daa6948fdda2f6983_JaffaCakes118
Size

206KB
MD5

7072e1112f59041daa6948fdda2f6983
SHA1

b18041787d2689cfe582a030f0c5194c83c72d86
SHA256

2d6a1eb7ca40be6ba39bc22dcc1494f7fb31839e1143897a04b68bd6f450a986
SHA512

156554b17195e0f0878d3cd61035a287d6ada6d709a5c533f076a99dca84fc1dc463500f697c2129f15fda2a1bd3af7e99e3c425071f3ba8118a453235754fc1
SSDEEP

6144:Mq1xZTn8TRWZDlTyTfR3VKygpEYnIEixbB:VPTywRlTyTfn9xB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7072e1112f59041daa6948fdda2f6983_JaffaCakes118

Files

7072e1112f59041daa6948fdda2f6983_JaffaCakes118
.exe windows:5 windows x86 arch:x86

adc47254772a5da4960714e11ec25744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

PlaySoundA

vulanhookprof

VulanUnHookDll

ohmretn

CharNextA

gdi32

SetWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegSetValueExA

shell32

Shell_NotifyIconA

shlwapi

PathFindExtensionA

oledlg

ord8

ole32

CoFreeUnusedLibraries

oleaut32

SysFreeString

Sections

.text
Size: 190KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE