Static task: static1
Behavioral task: behavioral1
Sample: 9a68cd693ec5e85bed230d700a3ca9c5_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 9a68cd693ec5e85bed230d700a3ca9c5_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 9a68cd693ec5e85bed230d700a3ca9c5_JaffaCakes118
Size: 112KB
MD5: 9a68cd693ec5e85bed230d700a3ca9c5
SHA1: 94c36261963227b9131789b5aa8512c6403df12f
SHA256: 2d92fbdb46eee58655cd4bf20d47da1a4018ee29326f903fbe82528f8e22f800
SHA512: 163c0eac280eb7fedc2803a199bd5a795edcc10cb512038580a46063d482513302deb9ff4aa2f58951aa01bb409e0d2f835d520700fbef1e3dc573bb7b417176
SSDEEP: 1536:bQvbwEqKKSTR7Jq99Fo6GbrQFucYeIqsYXM7iJJWZ/yX8ZLgWCHnVOysLt9H+6Je:bQDHqv27+gMJAqVc7iJfEtk9T6J69
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 9a68cd693ec5e85bed230d700a3ca9c5_JaffaCakes118
Files
9a68cd693ec5e85bed230d700a3ca9c5_JaffaCakes118.exe windows:4 windows x86 arch:x86
e8ce6e05e686df131320d07a6c3ab2c2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32: GetModuleHandleA, GetProcAddress
user32: GetDC
gdi32: Escape
comdlg32: GetFileTitleA
winspool.drv: ClosePrinter
advapi32: RegCloseKey
shell32: ShellExecuteA
comctl32: ord17
oledlg: ord8
ole32: CoTaskMemFree
olepro32: ord253
oleaut32: SysFreeString
wininet: InternetOpenA
winmm: joyGetPos
Sections
.MPRESS1 Size: 104KB - Virtual size: 272KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE