Static task
static1
Behavioral task
behavioral1
Sample
25920e3d56a160aac3266d936213f8a3_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
25920e3d56a160aac3266d936213f8a3_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
25920e3d56a160aac3266d936213f8a3_JaffaCakes118
-
Size
5.1MB
-
MD5
25920e3d56a160aac3266d936213f8a3
-
SHA1
14fa6bbabda782126691f7d3bf3f405188fc1c43
-
SHA256
1795c729af40da2987f46772dea302edc17b5af7ae38eb7ef8874487d8fe7836
-
SHA512
7b25f397774701c3fc548ce34fd1fccf0ed1f4c3046200c51a27b6be6b7626c772a327585c72f9990230b5be0b4001ddde2ff7be34c3da71974ae574bd6f66cf
-
SSDEEP
98304:DIAdFEBjb6UAREjc2opLkarhzMmA7cjMf:DlnEBjb6gcBAarhzMm6Ca
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 25920e3d56a160aac3266d936213f8a3_JaffaCakes118
Files
-
25920e3d56a160aac3266d936213f8a3_JaffaCakes118.exe windows:5 windows x86 arch:x86
a23af4bb18508f8d5cb3bca7b5c9443d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32 kernel32
RtlUnwind
kernel32
RtlUnwind
user32
DispatchMessageA
gdi32
CreateBitmap
comdlg32
PrintDlgA
winspool.drv
OpenPrinterA
advapi32
RegCloseKey
shell32
SHGetFileInfoA
comctl32
ImageList_Draw
oledlg
ord3
ole32
StgIsStorageILockBytes
olepro32
ord253
oleaut32
SysStringByteLen
ws2_32
htons
shlwapi
StrCatW
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SE Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ