afb71394be055d2441ca8a0bf50b9083_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afb71394be055d2441ca8a0bf50b9083_JaffaCakes118
Size

734KB
MD5

afb71394be055d2441ca8a0bf50b9083
SHA1

7f1a9deac2707902b3336eecc8f5a40d0539fe1c
SHA256

545c4ece5e80e68f2d02744cce76aa25a9fa4278ad38df510c87fddd7bfcb1b3
SHA512

4b4fbab77130a34c7fd165a3075cc6219d516a602ca4dc3ddd90a3888e10dc60fb6ada851e1be15980544706c1dc160ad1d9ca340c0db760f468bc5121b7d45b
SSDEEP

12288:AF2yxALh2cjV3p8wWOpcMBbPf14r1pChQwiiMAp/tigDnbx1EjNnNPVT7zTQp:AIHNHjVOwliMdGx06wiijmEbvEjZjTvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afb71394be055d2441ca8a0bf50b9083_JaffaCakes118

Files

afb71394be055d2441ca8a0bf50b9083_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfdff0f8890acaa29c9b39f2c6df6609

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wsock32

socket

winmm

PlaySoundA

user32

MessageBeep

gdi32

GetObjectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegEnumValueA

shell32

SHGetFileInfoA

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCA

oledlg

ord8

ole32

CoTaskMemFree

oleaut32

SysFreeString

Sections

.text
Size: 721KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE