fde57a6fe1ad90f4e7aeb6c5a3e53d55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fde57a6fe1ad90f4e7aeb6c5a3e53d55_JaffaCakes118
Size

632KB
MD5

fde57a6fe1ad90f4e7aeb6c5a3e53d55
SHA1

a1e0c76a32aa79bef14f39c5746c322f09a415e5
SHA256

5b9ae9e5c93b90e611c8bda5c287ea830acdac5c9345b0c3956ef52a29b71b49
SHA512

edb91272ce1fda2bcf7824a861b1a03f63b9594fb62acca2295e63fa0ad28fc62d18236f8f3edd24136534c0c2efa447d538f2c31b56b2f45a8c2d64d40ca321
SSDEEP

12288:ZOQgb5z1rrNekW48YeapAOpTNikbXhbQNJRkniyZTKKgV2J++T:0Q+RFW481xOphaNrnSTKST

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fde57a6fe1ad90f4e7aeb6c5a3e53d55_JaffaCakes118

Files

fde57a6fe1ad90f4e7aeb6c5a3e53d55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48424294a2d967361bb7760b9c21da8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

winmm

midiStreamOut

ws2_32

htons

user32

GetClassNameA

gdi32

GetPolyFillMode

winspool.drv

ClosePrinter

advapi32

SetSecurityDescriptorDacl

shell32

Shell_NotifyIconA

ole32

StgCreateDocfileOnILockBytes

oleaut32

SafeArrayUnaccessData

comctl32

ord17

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

GetFileTitleA

Sections

.text
Size: 591KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE