Static task: static1
Behavioral task: behavioral1
Sample: f58735f519adfb7b4eab6e66e4a85b59_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f58735f519adfb7b4eab6e66e4a85b59_JaffaCakes118.exe
Resource: win10v2004-20240910-en
General
Target: f58735f519adfb7b4eab6e66e4a85b59_JaffaCakes118
Size: 331KB
MD5: f58735f519adfb7b4eab6e66e4a85b59
SHA1: a0292b515bb7f70d250586061d2bec24529f1fa5
SHA256: b610f25df44277d1956eca7131ca6453bc7a3fd8a896093457a958b50e0bd439
SHA512: 973dd1de98ded19ef702e57912cf4b8ae41517e5ed83d8af5447f5a5af326d1889751cac1a1abf9064378e1c334c3102b9fcf16aa4d98eb6c29ea720b4ba548e
SSDEEP: 6144:4lTGb3cU7uLVjoTwplycdwrhnXcijFTYuGpw9ooEcoAlJuEpc8ySXTVbIb4jc:4lKYokVjlrYVXciZvteoEdMuQpFIGc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f58735f519adfb7b4eab6e66e4a85b59_JaffaCakes118
Files
f58735f519adfb7b4eab6e66e4a85b59_JaffaCakes118.exe windows:4 windows x86 arch:x86
0e2d855bfdf399cedc5751d376c6742a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
CreateTimerQueue
GetLastError
GetModuleHandleA
IsBadWritePtr
GetProcAddress
HeapCreate
ResetEvent
user32
SendMessageA
GetTopWindow
InSendMessage
ole32
CoInitialize
netapi32
NetDfsManagerInitialize
psapi
GetModuleInformation
avifil32
AVISaveOptions
AVISaveOptionsFree
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 678B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 227KB - Virtual size: 683KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ