33533830e0da467be38a8b4ff5783bf3_JaffaCakes118 | Triage

Sharing

General

Target

33533830e0da467be38a8b4ff5783bf3_JaffaCakes118
Size

771KB
MD5

33533830e0da467be38a8b4ff5783bf3
SHA1

1365c49c74fa50e8f261463c6390f2e09dc96511
SHA256

a335bb3feede08f881e05ae52f672cef76d855ce6a959f4b909115ffa1aafd55
SHA512

1cdad261e281a1f4f0d22baa486dca82490ace3f63b11600f3bc0272893c58c8a912c36cfa69f60bc2916816684f2a7eaaf49284ce4bde59362312224a875907
SSDEEP

24576:ys7L/rvbTOHGzNkM+cGkZ68Pt9sFxfFUmFbdW6UyNH8:yszvb6g2sBr2fFUgbQ6tH8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33533830e0da467be38a8b4ff5783bf3_JaffaCakes118

Files

33533830e0da467be38a8b4ff5783bf3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7aea774478eb8e856717a346c3f2d3ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemAlloc

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

shell32

ShellExecuteA

comdlg32

PrintDlgA

Sections

CODE
Size: 741KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE