754f9c8edee42a0c4e4937e2a9de74ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

754f9c8edee42a0c4e4937e2a9de74ad_JaffaCakes118
Size

1.4MB
MD5

754f9c8edee42a0c4e4937e2a9de74ad
SHA1

f88150557a718f7587d9f46facd3305a61736f17
SHA256

321a6368a1fedcb9f91dd12ae3d565803f38d17159b0c48401b4f7f3a5931f43
SHA512

6cbd2d1a884f18fcffaee2766622113b426889ef6f6423682536a72974fe4f6869a066315698fbdfa328dacf94ea1d7a674f36d10988342996c33a1ad88be55f
SSDEEP

24576:iHNQqKwXWH7YOt1fg8PW2fmVIhP5JY7iI59AbA0/mseJE8DuhQIs3D7ETRqMg:iyqtGD1fRhfmCnCd0f/reK8DuuFz7MDg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
754f9c8edee42a0c4e4937e2a9de74ad_JaffaCakes118

Files

754f9c8edee42a0c4e4937e2a9de74ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bc96b00fcbaff967e6e9e74ebb3a9c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

BeginPaint

gdi32

BitBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathIsUNCA

oleaut32

VariantInit

ws2_32

getservbyname

Sections

.text
Size: 1.3MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��̼A!
Size: 91KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE