Static task: static1
Behavioral task: behavioral1
Sample: 83c9c85e34770fc62e49f8c9ddfff694_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 83c9c85e34770fc62e49f8c9ddfff694_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 83c9c85e34770fc62e49f8c9ddfff694_JaffaCakes118
Size: 822KB
MD5: 83c9c85e34770fc62e49f8c9ddfff694
SHA1: 7be091e12b599a9596df9e288bfa312380bbc224
SHA256: 4de1c74d4c17def9c0b55b5eefbd6e9d52b19b125c5d10c392588e2545247d72
SHA512: 40edc8ee9b094cab420caee95525c00a3348c3884c224dbe7242763706040f2c225f1dd667429f16b15a1226ceee817dda642c6bf3ea26e11a9cbf01b6c9ae5a
SSDEEP: 12288:ezBfHVcLV/wzz/fRcgach+mQ/a/nZTLKYIWy4Mrw5g3byFcW50QXAA4XyjQEydM+:C6VInRhk7/avZvZIGMlyGQQAUyjDgR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 83c9c85e34770fc62e49f8c9ddfff694_JaffaCakes118
Files
83c9c85e34770fc62e49f8c9ddfff694_JaffaCakes118.exe windows:5 windows x86 arch:x86
14f05f4a1292f94b9afdd2bf97538918
Headers
  DLL Characteristics
    IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
    IMAGE_FILE_DEBUG_STRIPPED
Imports
  kernel32
    GetModuleHandleA
    GetProcAddress
  user32
    GetDC
  gdi32
    Pie
  comdlg32
    GetFileTitleA
  advapi32
    RegOpenKeyA
  shell32
    DragFinish
  ole32
    OleInitialize
  oleaut32
    VariantInit
  comctl32
    _TrackMouseEvent
  shlwapi
    PathIsUNCA
  version
    VerQueryValueA
  wininet
    InternetOpenA
  secur32
    QuerySecurityPackageInfoA
  oledlg
    ord8
  opengl32
    glEnd
  wldap32
    ord74
Sections
  .MPRESS1 Size: 817KB - Virtual size: 1.8MB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_CNT_UNINITIALIZED_DATA
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .MPRESS2 Size: 2KB - Virtual size: 1KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_CNT_UNINITIALIZED_DATA
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 2KB - Virtual size: 2KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE