b585a31cd3e8d4a26532b29225fe3229_JaffaCakes118 | Triage

Sharing

General

Target

b585a31cd3e8d4a26532b29225fe3229_JaffaCakes118
Size

434KB
MD5

b585a31cd3e8d4a26532b29225fe3229
SHA1

4a07a20cb71c3a457b36e3072c1f941ab4d5a3e8
SHA256

c915ccea37cac552eeae7dc615830a89623935d456de7e302af1a147309bb9f6
SHA512

e1078655f6f0fadf10ef605b229f452109c7ad398b7bae5647fea63da58d8535ed694af5b6f51eb32a80147ee0a3d8335377ea5b320c57b0130fd7a8b97bda81
SSDEEP

12288:PjNQ9zq65L5XdRPmYOzfkZboNcD/V9/Iei:25qUltZmYOzfFNcD/rIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b585a31cd3e8d4a26532b29225fe3229_JaffaCakes118

Files

b585a31cd3e8d4a26532b29225fe3229_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bc18eccdacd8a6daeef22ae23e4f259

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
IsWindowEnabled

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
SetErrorMode

winmm

sndPlaySoundA

msvfw32

DrawDibOpen

avifil32

AVIStreamGetFrame

gdi32

SetROP2

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 21KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE