16d03c1e910ac393d37985ff7407744d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16d03c1e910ac393d37985ff7407744d_JaffaCakes118
Size

4.0MB
MD5

16d03c1e910ac393d37985ff7407744d
SHA1

3d8bbfc36ac0ae60d1a3585e5e6f3f7d00925f84
SHA256

4e1cdab38d3374b00e3db30b52df29b2d3e494f5fb496b095954befcb48e8b27
SHA512

cd03d4107066718c5ea19b7570945d1d9e93e3ea9cfdf98a4c5127ddf7d8089de6b22d310dd85a9c1a65ceac4a034ccfb28cf0b4f5cfcc812131d9293264c812
SSDEEP

49152:aeppI5OPkT6Qcb2Y+t8rv/v7Y2vnqcNsQqEM1qZ3br0yJyppFwK:aefXPKc6Y+t8rv/v7Y2qmsil/Jyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16d03c1e910ac393d37985ff7407744d_JaffaCakes118

Files

16d03c1e910ac393d37985ff7407744d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a9e063da5c89961b29e263cc03d74df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess

advapi32

RegCloseKey

avicap32

capCreateCaptureWindowA

gdi32

PatBlt

ntdll

NtUnmapViewOfSection

oleaut32

SysFreeString

psapi

GetModuleFileNameExA

shell32

ShellExecuteA

user32

GetDC

wininet

InternetOpenA

wsock32

send

Sections

.nsp0
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE