Static task
static1
Behavioral task
behavioral1
Sample
b728c6ef10d866512f2301da2379892c_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b728c6ef10d866512f2301da2379892c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
b728c6ef10d866512f2301da2379892c_JaffaCakes118
-
Size
383KB
-
MD5
b728c6ef10d866512f2301da2379892c
-
SHA1
df90085b794e2283c3953425634d068209a33451
-
SHA256
f7daff522b3037e412f03b5629cb30979d536c4f5697f8d1e38557233f7a83ae
-
SHA512
f3a7ac6d249cf9067efd6b26b8f059e2458eed96a6922aa9b527f4f4e51c1249f4eed9419ae951606c4eb24a18a7433609dcd5e03f67d83c1af56bdc721d7e47
-
SSDEEP
6144:Rd8c+PEquHgcagdjsRSS02aKiFk1XXpyLbJGGURwN2Khd0uyzT5H2cD2P:RuJAH1bjsn02SkJ5cbQ1RwN2yjU5Hd6P
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the resource listed below is unsigned.
resource b728c6ef10d866512f2301da2379892c_JaffaCakes118
Files
-
b728c6ef10d866512f2301da2379892c_JaffaCakes118.exe windows:4 windows x86 arch:x86
cb7e5709858cea007190c0b48dd2212f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
CreateWindowExA
wsock32
WSACleanup
shell32
Shell_NotifyIconA
avicap32
capCreateCaptureWindowA
advapi32
StartServiceA
version
VerQueryValueA
oleaut32
SysFreeString
msacm32
acmFormatChooseA
ws2_32
WSAIoctl
wininet
InternetReadFile
mpr
WNetOpenEnumA
winmm
waveOutWrite
comctl32
ImageList_SetIconSize
gdi32
UnrealizeObject
Sections
CODE Size: 371KB - Virtual size: 812KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
love Size: 50B - Virtual size: 50B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE