c12bbce21048f3d31b8697c4494664dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c12bbce21048f3d31b8697c4494664dc_JaffaCakes118
Size

564KB
MD5

c12bbce21048f3d31b8697c4494664dc
SHA1

b003b45bcf80bc84a837804134a9ec930b65237f
SHA256

9a36ca77c0330c4dfa1d2ba909bcbf986f6498eec17398749b144676dc238874
SHA512

10c0c443a4e814f6e07f742877bfa556d6d794a5f73aa0c2a14a2eb3b45abe9f61e1c8504e15a18f4c36847501e1105a7880e6d77200b9bbf5559d3eef281567
SSDEEP

12288:BtdmAHgoIJAz54OB5nDmtabdT32qlAOk+H7NeaA8Yb6D:Bi0eOBOa939S6jwu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c12bbce21048f3d31b8697c4494664dc_JaffaCakes118

Files

c12bbce21048f3d31b8697c4494664dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4452c8eb6a7bf8eac927af443e85aedc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

SetSecurityInfo

ws2_32

gethostname

urlmon

URLDownloadToFileA

avicap32

capCreateCaptureWindowA

msvfw32

DrawDibDraw

netapi32

Netbios

wsock32

WSACleanup

winmm

waveInUnprepareHeader

wininet

InternetReadFile

shell32

ShellExecuteA

comctl32

ImageList_SetIconSize

oleaut32

SafeArrayPtrOfIndex

user32

CreateWindowExA

gdi32

UnrealizeObject

version

VerQueryValueA

mpr

WNetGetUserA

Sections

0.ELO
Size: 553KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE