Static task
static1
Behavioral task
behavioral1
Sample
3402d82b4b0c696bf3f063aa38b63c4c_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target
3402d82b4b0c696bf3f063aa38b63c4c_JaffaCakes118
Size
516KB
MD5
3402d82b4b0c696bf3f063aa38b63c4c
SHA1
634f264d1244fc87fdde14b709d005da9e5671e0
SHA256
d06289e80809dcc3a056e7f3dd055b060b7ea98ec7cae0ea3fe2fcef2f5eb9df
SHA512
7e4e7daa1a1611a832fcc6aa15d17c67f536b9d6e0a4589f3f3c6684437edfc33b1898e764c8939babe339edc07d023ef7bce0c17c4c38672d10deac015377e7
SSDEEP
3072:sSV4P1BM7yr/blEyaMLWmyyVc6Mpo5cWS3M0:5VQnM7y/JEJEyWczdWS3M
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 3402d82b4b0c696bf3f063aa38b63c4c_JaffaCakes118
Files
3402d82b4b0c696bf3f063aa38b63c4c_JaffaCakes118.exe windows:5 windows x86 arch:x86
63cdba4d3ae4af54c51b2f25af80244d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetGoOnline
advapi32
RegDisablePredefinedCacheEx
LogonUserW
GetUserNameW
InitializeAcl
winspool.drv
GetPrinterDataW
user32
SetLastErrorEx
FindWindowA
kernel32
GetLogicalDrives
DebugActiveProcess
GetCommMask
GetModuleHandleW
gdi32
SetTextAlign
LineDDA
lz32
LZSeek
Sections
.text Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.ZX Size: 370KB - Virtual size: 379KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 680B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ