dce937d4c95d4872ae7255eacbf9522b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dce937d4c95d4872ae7255eacbf9522b_JaffaCakes118
Size

58KB
MD5

dce937d4c95d4872ae7255eacbf9522b
SHA1

b848187457c28ae7a5eca0de5185ce162aa0cb4b
SHA256

47de88aa802446bc78cf05ec0aa216ad771625e7bf4bf32f0af5db2e3a1d0e6e
SHA512

c358592835889c37646643d25638b5335055465d1b99c0b5cd52d7f07e7bf66e37e307f59ecce825e5a8e41d8726303166b6eecf6551e5f15747c447a82d7084
SSDEEP

1536:94uLK4JlXmil7qDm4EelpqiZHJNtBi3dby+ZRLIG:9BjVmG7qDmQdtvteAIIG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dce937d4c95d4872ae7255eacbf9522b_JaffaCakes118

Files

dce937d4c95d4872ae7255eacbf9522b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2822ac041a369a6ec9356f4ba4c40445

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetWindowLongA

gdi32

DeleteObject

shell32

SHFileOperationA

ole32

OleSetContainedObject

comctl32

_TrackMouseEvent

wininet

InternetOpenA

fmod

_FSOUND_Stream_Open@16

unrar

RARProcessFile

oleaut32

VariantClear

Sections

.text
Size: 32KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE