75ceead6e0c723f2b5b67a4719833b22_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75ceead6e0c723f2b5b67a4719833b22_JaffaCakes118
Size

1.5MB
MD5

75ceead6e0c723f2b5b67a4719833b22
SHA1

4bb68259eb0ca37afbff3ba1635101bfea1fbac5
SHA256

e0363c6a344cf7d3fb4377e35684089c46946824902e967b5f5dd92ac209b241
SHA512

cc5687bf3fcd810b65d8c37b56b0b2052706c583c4cce8cc746ced01229e13eb0d382757baaf330ec9a0aaca351d833acec01921dc595d7f956cafbe00ae5962
SSDEEP

24576:lhcEBkRx8dQjkQvLP5Y1og+MwylgTZgEEjhPir1DVj3OhWZY4wSGN4:lhv4qCjbb5ZgG51tEjtir1DVjo94NA4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MP3PA.EXE

Files

75ceead6e0c723f2b5b67a4719833b22_JaffaCakes118
.zip
EULA.TXT
FAQ.TXT
MP3PA.CHM
.chm
MP3PA.EXE
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 523KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MP3PA.EXE.MANIFEST
.xml
Template.INI
WHATSNEW.TXT