39860df9132d272681525dfec2d33eb9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39860df9132d272681525dfec2d33eb9_JaffaCakes118
Size

513KB
MD5

39860df9132d272681525dfec2d33eb9
SHA1

aa901a787336b1ef8437071aabbfe005ec2d341d
SHA256

9167378dbf6ba8e3eee4a0a07c8e254c3feaae215e7ecb412a8084b02d3008e0
SHA512

4d8f6bbe022146efa28cf2fc561b93f469bae072d6108c33f932b229e7704c6257c399117bb362e196af82d559d865a5aa12ecb45d19d052c3d732405c5ff5aa
SSDEEP

12288:nlZ91m9GsOYqlEg7FotPgxESJ+fpxejBNtDIu:D9g9GxljxEPgxESJ+zODIu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39860df9132d272681525dfec2d33eb9_JaffaCakes118

Files

39860df9132d272681525dfec2d33eb9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

636e6bf88c77b6a2d59135e71580c726

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetClassNameA

gdi32

Escape

winspool.drv

DocumentPropertiesA

comdlg32

ChooseFontA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

VarDateFromStr

winmm

waveOutPause

comctl32

ord17

ws2_32

closesocket

Sections

.text
Size: 383KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE