323219c31c93dd997eaade1bb23235a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

323219c31c93dd997eaade1bb23235a4_JaffaCakes118
Size

455KB
MD5

323219c31c93dd997eaade1bb23235a4
SHA1

ec324cacf223f36f19ef3805d320245312a9c1dc
SHA256

c9ab870aa61a826331738a5e6a9646f53ff520c856c1fc0ea67fc211570c8599
SHA512

fe0bbd60d9fb1e2723582ba33dec4bbca4a42debe47effb0fb0ba40d4543e6b29e1f23947da4370b4241c64360539d98ab523430928bfe2b805abc289530be6b
SSDEEP

12288:Xbmnfz4KZqftb+PouX/Ffw9V1k+QyAAXfDr:X3Nl+tX/pw9V1k+hdXfH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
323219c31c93dd997eaade1bb23235a4_JaffaCakes118

Files

323219c31c93dd997eaade1bb23235a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

999c86d640c8113b291b0774b833a7da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegDeleteKeyA

comctl32

ImageList_Destroy

comdlg32

GetFileTitleA

gdi32

EqualRgn

ole32

StgOpenStorageOnILockBytes

oleaut32

VariantTimeToSystemTime

oledlg

ord8

olepro32

ord253

shell32

ShellExecuteExA

user32

GetSysColorBrush

version

GetFileVersionInfoSizeA

winmm

mciSendStringA

winspool.drv

ClosePrinter

Sections

.text
Size: 340KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE