8e867955b37011ce11d582e1f72c3ee5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e867955b37011ce11d582e1f72c3ee5_JaffaCakes118
Size

6.0MB
MD5

8e867955b37011ce11d582e1f72c3ee5
SHA1

6392a691a49d1802148eb224d8705f96c8c60a43
SHA256

9da46220841db7d7bb5d6725c61db2f8f064bef155504e7bdf38e452bc93397c
SHA512

0732142055cc00ced9e99fd5e5416123cf7f4a2f3ed55ea6ba0d7dac8d40888277f4811239aa0d5611cce41a8be363ba06a881371ed1464779fa3c5d6d08cd77
SSDEEP

98304:xHfUeL//CIvnTudlRSZ7/Y7RZW+YNHKCAEkUZq8VAgwgGGyJ33i:xsez/CIvnaty7g1sPKC3xLVvGGy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e867955b37011ce11d582e1f72c3ee5_JaffaCakes118

Files

8e867955b37011ce11d582e1f72c3ee5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aca35d13adb97d2c480a39887a5f629a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

gethostbyname

winmm

mixerOpen

version

VerQueryValueA

comctl32

ord6

psapi

GetModuleBaseNameA

wininet

InternetOpenA

user32

GetDC

gdi32

BitBlt

comdlg32

GetSaveFileNameA

advapi32

RegCloseKey

shell32

DragFinish

ole32

CoGetObject

oleaut32

SafeArrayGetLBound

Sections

.MPRESS1
Size: 5.3MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE