a0eb8e93cfb01b084e31771f9c42a5ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0eb8e93cfb01b084e31771f9c42a5ea_JaffaCakes118
Size

308KB
MD5

a0eb8e93cfb01b084e31771f9c42a5ea
SHA1

0c566dc88d9729d931e67285da6d98e12cac4d59
SHA256

7488cda12417919bae90fb8d7311b646058ff082f05f25b00a9d1870c0968241
SHA512

53c6c0540c39c341b9310548a53aed7c963947534742f5361726ee2411ac9ea6ca68124a901ad4f08e8b5c95bc5e43e12d2ba2fefbc38cba0c3894523f6fe843
SSDEEP

6144:CVuWS9fvqpQGlciPYwMOD4dyxDK0GYXkwemFBsUM+dWrX3omY:u2BGKiAwfMdKDKdYUwFarZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0eb8e93cfb01b084e31771f9c42a5ea_JaffaCakes118

Files

a0eb8e93cfb01b084e31771f9c42a5ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e04b4097b1f68db8a49bcb6649429935

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CreateWindowExA

msvfw32

DrawDibDraw

version

VerQueryValueA

advapi32

ReportEventA

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

InternetQueryOptionA

winmm

waveInUnprepareHeader

oleaut32

SafeArrayPtrOfIndex

wsock32

WSACleanup

mpr

WNetGetUserA

gdi32

UnrealizeObject

avicap32

capCreateCaptureWindowA

Sections

CODE
Size: 298KB - Virtual size: 924KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE