ec03e98e6fa4e3c4793e3c6b77e5bd10_JaffaCakes118 | Triage

Sharing

General

Target

ec03e98e6fa4e3c4793e3c6b77e5bd10_JaffaCakes118
Size

653KB
MD5

ec03e98e6fa4e3c4793e3c6b77e5bd10
SHA1

ca1781bfe1e1f0a348f1e78f97a5b353ba3330d3
SHA256

5bb9538a6a91ae3ea8d05d713be5ab5c75f76cb761865dabd2ea7a53758e4f4c
SHA512

086dfb0219f7f0a427c6a3a544aea44425c82bf05b9a6e58030ba5c20772c9066ee5e482277246afbdd5d868625e8bfc5a0b6c4115b7543b5bb2eb6594e1b013
SSDEEP

12288:bbH+BS3kgwRCByHBaY9DO+wgfRSk6srx5wA/e70BJvbbYv+Qu7kSfnwksc1F:bLc4wHBaY9DZRRrxacGCBbkio8Bz1F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec03e98e6fa4e3c4793e3c6b77e5bd10_JaffaCakes118

Files

ec03e98e6fa4e3c4793e3c6b77e5bd10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4eef94df613d2c80243904ce948751e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

memset

comctl32

InitCommonControls

user32

SetLayeredWindowAttributes

gdi32

CreatePatternBrush

advapi32

RegOpenKeyExA

oleaut32

SysAllocStringLen

winmm

waveOutOpen

ole32

CoInitialize

wininet

InternetGetConnectedState

wsock32

closesocket

Sections

.code
Size: 644KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE