681a8494ac9f1cca39bd8cbad1b7859b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

681a8494ac9f1cca39bd8cbad1b7859b_JaffaCakes118
Size

544KB
MD5

681a8494ac9f1cca39bd8cbad1b7859b
SHA1

473b62b885f704b48b8b51f829b07bb975b7abd9
SHA256

f54d26598106655a148456ac3603d190fe136d5a3945ec873a064864f42e7b57
SHA512

e71c8452b659736ad09a3c3587cdc40fd2adb47bda727dc2f92bc44c6896a4a9dd9414a4f9fe23bd9071870c5e490a38d2cc7affe72c0d15de6b5f12962c4f78
SSDEEP

12288:k180RKRZ+HjaZfsW5x9KBBJtvPqn/V+2OxaYu:kHCWjODwTqdCxaY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
681a8494ac9f1cca39bd8cbad1b7859b_JaffaCakes118

Files

681a8494ac9f1cca39bd8cbad1b7859b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d84afd76af7d6ed977f5a371a3b1b6c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

MessageBoxA

msimg32

GradientFill

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

OleUninitialize

comctl32

InitializeFlatSB

shell32

Shell_NotifyIconW

winspool.drv

OpenPrinterW

Sections

.text
Size: 496KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE