Static task
static1
Behavioral task
behavioral1
Sample
148deadffa9f8718b336e5644629b5da_JaffaCakes118.exe
Resource
win7-20240508-en
General
Target: 148deadffa9f8718b336e5644629b5da_JaffaCakes118
Size: 277KB
MD5: 148deadffa9f8718b336e5644629b5da
SHA1: 6ec69e55fb1c6689ca62d21001dc1a2b09722877
SHA256: 114101e84e0fa13de3aeecaedff410df899e9e0625fadd8cef3f38a684146a8a
SHA512: 618202d0497742cd238ff4d8d59df75b2bc64948955e02837345ff4aefcac0cc917d3e0eefb49d8bd19ad5792301c84ec84051b8b2d0ed7f2c01f0eab48ceda1
SSDEEP: 6144:jlYCgzpVQBuBXxezCDWelxli397ztXMkK0a:TgzpVQoeIi3RJMkK0a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 148deadffa9f8718b336e5644629b5da_JaffaCakes118
Files
148deadffa9f8718b336e5644629b5da_JaffaCakes118.exe windows:4 windows x86 arch:x86
bb7ae367c67d4418c53103bdf40ae7e6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionA
PathFindFileNameA
oleacc
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipGetImageWidth
kernel32
GlobalAddAtomW
GetOEMCP
WriteFile
GetCurrentProcess
VirtualQuery
SetFilePointer
FlushFileBuffers
HeapAlloc
EnumResourceNamesW
GetSystemInfo
HeapFree
GetStringTypeExW
ReadFile
SetEndOfFile
VirtualProtect
ExitProcess
RtlUnwind
FindAtomA
setupapi
CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
Sections
.text Size: 136KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 137KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ