af2dc14af732c06f5109066c7d3ef32f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af2dc14af732c06f5109066c7d3ef32f_JaffaCakes118
Size

140KB
MD5

af2dc14af732c06f5109066c7d3ef32f
SHA1

c556d3c782ac79417c297011c031efe39c11b404
SHA256

466436f9b4d95909b6bedc81e0d1f768b541975d01631a234e98fe4423c34d10
SHA512

10eb74b7b52975a263a3c944bc40a7e24af517c81bf3a10122c1ba182a312d755050fbfee45b861f642c7225e5c5ed55aa9abb14c76d1828701f277957185e6d
SSDEEP

3072:jO42NH8w0ADTLUzcRHLsQbWIrrDThG29xU6UAJ:jOxcw0wLP3b533B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af2dc14af732c06f5109066c7d3ef32f_JaffaCakes118

Files

af2dc14af732c06f5109066c7d3ef32f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f9fa19ff13933d2b26311707c396b45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
GetModuleFileNameW
GetVersionExA
UnmapViewOfFile
VirtualQuery
SetFilePointer
ReadFile
CreateFileA
GetEnvironmentVariableA
GetProfileIntW

user32

MessageBoxA
FillRect

gdi32

RoundRect

winspool.drv

ClosePrinter

comdlg32

GetSaveFileNameW

advapi32

RegOpenKeyExA

shell32

SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

shlwapi

PathStripToRootW

comctl32

ImageList_Create

msimg32

AlphaBlend

rpcrt4

RpcStringFreeW

winmm

PlaySoundW

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 27KB - Virtual size: 18.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE