Static task
static1
Behavioral task
behavioral1
Sample
0ce284427a77ee8970c6e56e4cd06e49_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0ce284427a77ee8970c6e56e4cd06e49_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
0ce284427a77ee8970c6e56e4cd06e49_JaffaCakes118
-
Size
4.6MB
-
MD5
0ce284427a77ee8970c6e56e4cd06e49
-
SHA1
df1a50bed5ffc42f95373737689ca18d0dde732a
-
SHA256
d14307656cb9d82046ef7435a7a7477c33b518a9c8281c26edc73b326cb9ceee
-
SHA512
3a531c1a9760a519fe39f206bff894379336a30cc018963473e12c0a81cf68ac1c15dc829bb4b6cf437edce68b53d849eac6314f281a68672dae543112287992
-
SSDEEP
49152:LAUx+Q2BQN8MhEsPKyQRru2rtT/qPSeb2y8tR2AIblk2mzzbWksskWRz3:pxVhOy2rRSqeSynbl+3lsskWt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Flags a PE file that lacks an Authenticode signature. On its own this is a weak indicator, since many benign binaries are also unsigned.
resource 0ce284427a77ee8970c6e56e4cd06e49_JaffaCakes118
Files
-
0ce284427a77ee8970c6e56e4cd06e49_JaffaCakes118.exe windows:5 windows x86 arch:x86
9ebf8dff517aa5b4f0f31a44ce2e8c40
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyW
user32
GetKeyState
gdi32
CreateBitmap
comdlg32
PrintDlgA
winspool.drv
OpenPrinterA
advapi32
RegCloseKey
shell32
SHGetFileInfoA
comctl32
ImageList_Draw
oledlg
ord3
ole32
StgIsStorageILockBytes
olepro32
ord253
oleaut32
SysStringByteLen
ws2_32
htons
shlwapi
StrCatW
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 28KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ