d1f9540ddaaa04455446658c69d8bc2d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1f9540ddaaa04455446658c69d8bc2d_JaffaCakes118
Size

1.7MB
MD5

d1f9540ddaaa04455446658c69d8bc2d
SHA1

355b6b9608fd071a0554292c219fca5ac3f73049
SHA256

2534c399abac2cffc3afea9777f1e942d6745fc8b84c38ac49d197eb128cbdbd
SHA512

92391fa4b3fba13aafff4660f12e0b8dcd3f3a5e6b8dc4f8497b0ee2a981204426231b512c9bb75ae67567c4b6f49bbb85e448cd37a021774ca3d006fe0894e2
SSDEEP

24576:2xaZ5ez+xjQTJsYNUuYLWaDxHl7US+2eoxeOgk2jEmqJ5B1lL1wHa/wLnn8iP1bY:75Q+xjoBU1zhf2k2Iy7Tn82b4obV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1f9540ddaaa04455446658c69d8bc2d_JaffaCakes118

Files

d1f9540ddaaa04455446658c69d8bc2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b5cd4eefe7ddd8ea6202bf9efc6e40c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

user32

MessageBoxA

gdi32

SaveDC

winmm

waveOutUnprepareHeader

winspool.drv

DocumentPropertiesA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CreateILockBytesOnHGlobal

oleaut32

SafeArrayGetElemsize

comctl32

ord17

oledlg

ord8

ws2_32

WSACleanup

wininet

HttpOpenRequestA

comdlg32

GetFileTitleA

Sections

.text
Size: 1.4MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 287KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE