8085a665545445a7acd1345a94d80504_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8085a665545445a7acd1345a94d80504_JaffaCakes118
Size

640KB
MD5

8085a665545445a7acd1345a94d80504
SHA1

5c1bab09d7cb4a8b122d948a7f2617d07890fe48
SHA256

bdd45211787ccb6c9170838e5740279d1c48fdb8aeab666af1c92e24a3f60a46
SHA512

642f7f1386c95401a870f48fb300e245c5641f4e6cdb2a6705e283117d30129a5eebdff7c44119527546441922fdd7d7d724648eee6b3d66dae599d3d6e262cd
SSDEEP

12288:nc6gu5+ShxI8nICA0oD7VbQCpFM2gkYphvnTdBYWZG/nowFFvJBjDZ:nc6gu5ZzIknz67VbQ8FvgVhvnTdBbEoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8085a665545445a7acd1345a94d80504_JaffaCakes118

Files

8085a665545445a7acd1345a94d80504_JaffaCakes118
.exe windows:5 windows x86 arch:x86

446821258f49668a8bfd8eff30b724f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

LoadStringW

msimg32

AlphaBlend

gdi32

UnrealizeObject

version

VerQueryValueW

mpr

WNetOpenEnumW

ole32

OleUninitialize

comctl32

InitializeFlatSB

shell32

ShellExecuteW

winspool.drv

OpenPrinterW

wsock32

__WSAFDIsSet

Sections

.text
Size: 564KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE