2303b2abad5e6a83363aa53ad3ac23f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2303b2abad5e6a83363aa53ad3ac23f0_JaffaCakes118
Size

556KB
MD5

2303b2abad5e6a83363aa53ad3ac23f0
SHA1

dde3300a4694c0fbb376d8a2a6b03ba9608d594f
SHA256

c1e6e5239354df3e2c70a22b0353001cda275bf418f05503a6883f9d3983447f
SHA512

128603d2e66239fff1768d7d6d3d747e657a3d715f118a055f81df066d3109a575979e6db55da191890f212a8fc8e37fbe86d74b4d6f52a3a81fa56062581187
SSDEEP

12288:MRlWWXbytqFzhA40IWCyIJ+8u5dph6sV/1xgQyAX5oFa9M:DabykFzhs8y4+8uXphpV/ryc5l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2303b2abad5e6a83363aa53ad3ac23f0_JaffaCakes118

Files

2303b2abad5e6a83363aa53ad3ac23f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b12cb50ccf2db3bf89517c2615757d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

ReleaseStgMedium

comctl32

ImageList_SetIconSize

shell32

ShellExecuteExA

urlmon

URLDownloadToFileA

comdlg32

PrintDlgA

wsock32

WSACleanup

winspool.drv

OpenPrinterA

Sections

CODE
Size: 537KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE