c8a9f6079c303c4bdb36995f0534ccfc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8a9f6079c303c4bdb36995f0534ccfc_JaffaCakes118
Size

2.1MB
MD5

c8a9f6079c303c4bdb36995f0534ccfc
SHA1

13ffcddb356652b22221eee0fec6e579fce3452a
SHA256

fcf1872ad95e950a4813d611aa739562e8dc02ff95f9a4b2fe07f6acc4d18751
SHA512

4bc14f261d8160df312811fb1431c5d85c50f2ce8e0cd36c40b7303732856b79adf3c7ec330d27a592c6f86003867e96bc5bbde73bf8cbea23caba4a3575f710
SSDEEP

49152:SJVTTFWBanKo127fbrCjYE/Jsk1VmAz0XF4:SJ1FWSdCfbGjYEakiA84

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8a9f6079c303c4bdb36995f0534ccfc_JaffaCakes118

Files

c8a9f6079c303c4bdb36995f0534ccfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4064ea5d4e5504ede3152288c91f1b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

_isource30

_IS3ColorCompare

advapi32

RegCloseKey

cmcs21

CMRegisterLanguage

comctl32

InitCommonControls

comdlg32

GetSaveFileNameA

dbghelp

SymCleanup

gdi32

SetRectRgn

netapi32

Netbios

ole32

OleTranslateAccelerator

oleaut32

SafeArrayGetUBound

oledlg

OleUIConvertA

shell32

DragQueryFileA

user32

MessageBoxA

version

GetFileVersionInfoA

wininet

InternetGetLastResponseInfoA

winmm

PlaySoundA

winspool.drv

ClosePrinter

Sections

BRAT0
Size: 2.1MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE