34b3f405e5f86a7168873ac0b28ae1a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34b3f405e5f86a7168873ac0b28ae1a5_JaffaCakes118
Size

1.4MB
MD5

34b3f405e5f86a7168873ac0b28ae1a5
SHA1

84b343bb0a8f8c75091e93f70f9fda61989ce140
SHA256

0634a9e4f21d102de74d430e654a678ec0525dee066f180d166cd16bd58138c5
SHA512

48a64cdcd51403db52e7697141e7cb3591984b5ebffc35cc4cb146723d7033c425ad9f2279a1481cd7dbba0db0bb2c3893c2d06bf7ccb0222b548932b3906397
SSDEEP

24576:Uk0MXVsj890QL7JMMO8e5ZrQR6yi1CLTdnfdjQuJmhsTjj74B00eU9x4l:uesY90ANMMO8QZrki1CPdn1ZwKTv7PoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34b3f405e5f86a7168873ac0b28ae1a5_JaffaCakes118

Files

34b3f405e5f86a7168873ac0b28ae1a5_JaffaCakes118
.exe windows:5 windows x64 arch:x64

ccd2ae46e8e44f9e5789bd456bdf9e7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

oleaut32

SysFreeString

advapi32

RegCloseKey

user32

CharNextW

msimg32

AlphaBlend

gdi32

Pie

version

VerQueryValueW

ole32

IsEqualGUID

comctl32

ImageList_Add

msvcrt

memset

shell32

Shell_NotifyIconW

comdlg32

GetSaveFileNameW

winspool.drv

OpenPrinterW

gdiplus

GdipFree

Sections

.MPRESS1
Size: 1.3MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE