294c2bf26cf6499c3042cb6fc346f6a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

294c2bf26cf6499c3042cb6fc346f6a3_JaffaCakes118
Size

98KB
MD5

294c2bf26cf6499c3042cb6fc346f6a3
SHA1

1366601b1e53762c1b68c10ba73ff601c62be64e
SHA256

6606d35a9dd8493cd612ef3d4dbcdaa47df56f80e175895c0066077de41e5dbb
SHA512

9cf3754da1bf7c6f804d9e17bab0cce7e9b85976255c738cbf564bf8f01fd88117425224094aea5fceb186588b24648a2969ba3c0d041ce51b9cc8828f9bb233
SSDEEP

1536:3qe//Xyai3L6LsyUyR1uxvbEhYJOQ/tFh/sXqaxDnfrUoBh6e2N:1/ktyUM1gEhYJOQFqaKDnjUoBhKN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
294c2bf26cf6499c3042cb6fc346f6a3_JaffaCakes118

Files

294c2bf26cf6499c3042cb6fc346f6a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb7954fbcd7de3df91620c61096851f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

PlaySoundW

hooklt

?UnmapDll@@YAHPAUHWND__@@@Z

user32

DestroyMenu

gdi32

DeleteDC

winspool.drv

ClosePrinter

advapi32

RegDeleteKeyW

shell32

Shell_NotifyIconW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW

oleaut32

VariantClear

Sections

.text
Size: 86KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE