24937ff45b90148f6b851e243bc09dd3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24937ff45b90148f6b851e243bc09dd3_JaffaCakes118
Size

3.7MB
MD5

24937ff45b90148f6b851e243bc09dd3
SHA1

90298f6ae90393e3a733a5d5c15154ac262ca26e
SHA256

d3f60c11af5bc016cbdbbff3b7df8e25aacad2b8de6af052640283a804c3bb54
SHA512

0c69b8835fa6815c83979d1071d0bb1373b3e9e26b4d4136feb88f5336ddcee4e20b14f7c68afb5acdafa3bee9959ca54b523ff60821b0d9d06aedf74848561a
SSDEEP

98304:+aNKta/VW7dWE0Zo2W/8d8DNZ/UebWz/vFu+imRo1FH:+aNKta/U74E3lzNZ/Uem/9iJFH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24937ff45b90148f6b851e243bc09dd3_JaffaCakes118

Files

24937ff45b90148f6b851e243bc09dd3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5221b42f36c3d7e75d53d0c38db38180

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 kernel32

TerminateProcess ��

kernel32

TerminateProcess

user32

IntersectRect

gdi32

GetDCOrgEx

comdlg32

PrintDlgA

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

SHGetFileInfoA

comctl32

ImageList_GetImageInfo

oledlg

ord3

ole32

StgIsStorageILockBytes

olepro32

ord253

oleaut32

SafeArrayCreate

ws2_32

htons

shlwapi

StrCatW

Sections

.text
Size: 512KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ