d1cbb12ff95d418ebd26567a0a9649a7_JaffaCakes118 | Triage

Sharing

General

Target

d1cbb12ff95d418ebd26567a0a9649a7_JaffaCakes118
Size

183KB
MD5

d1cbb12ff95d418ebd26567a0a9649a7
SHA1

cc6170cd4b4dd8b5328102f87c73791e5cd1d8c8
SHA256

620a561837e1531f5d161c7f62b3e2271e09da60dcb2d574f506fe1b280e990a
SHA512

798cae322be95a531d87e8e20ddeee8591afd1f6b371a86e570b55487f5762a989fbc1ac528683acab37971905b3a1e47d67102d46e52817b3def6e9926d41ec
SSDEEP

3072:+uxSBUluQCL4TCPUljUV2W3GL7W1rnsOUmjTBfj48jJ9/:+ux6eutLqCwjUh4ObUCTBs8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1cbb12ff95d418ebd26567a0a9649a7_JaffaCakes118

Files

d1cbb12ff95d418ebd26567a0a9649a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1aaae7b6b6a06fb15b0b01bb34fee146

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

GetObjectA

ole32

CoCreateGuid

wsock32

send

wininet

InternetOpenA

shell32

Shell_NotifyIconA

avicap32

capCreateCaptureWindowA

winmm

waveInOpen

msacm32

acmStreamSize

Sections

.text
Size: 173KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

F3Ekmal0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ