Static task
static1
Behavioral task
behavioral1
Sample
78fe0195c13a584d0b6c5c201b14a252_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
78fe0195c13a584d0b6c5c201b14a252_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 78fe0195c13a584d0b6c5c201b14a252_JaffaCakes118
Size: 2.6MB
MD5: 78fe0195c13a584d0b6c5c201b14a252
SHA1: 6de3185320fac0a1b5d874fd7f17cd29aea28adb
SHA256: 2d6c7fe0c08dafc182a8ecb6322dc91b39641416f01fbd68cda6f87e659f7224
SHA512: d6c34cf96316f4f121e55d7a31bf399b1674da570f0e2ca7e01105cd6fa2814ddfd34c394eb4db48b8cbb5c6f18f42940abe7e185318e078a0889c8b46cafbe7
SSDEEP: 49152:/i+Yrdin1zey/5DOEcW/B/HAKiujuf2BsvcfB31MCpUL:ad1yFbBVAKiu6oAuSx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 78fe0195c13a584d0b6c5c201b14a252_JaffaCakes118
Files
78fe0195c13a584d0b6c5c201b14a252_JaffaCakes118.exe windows:4 windows x86 arch:x86
a8a7280f221c93e70d6b116c119b9693
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
oleaut32
SysFreeString
advapi32
RegQueryValueExA
user32
GetKeyboardType
gdi32
WidenPath
version
VerQueryValueA
mpr
WNetOpenEnumA
ole32
CLSIDFromString
comctl32
_TrackMouseEvent
winspool.drv
OpenPrinterA
shell32
ShellExecuteExA
comdlg32
PageSetupDlgA
wsock32
setsockopt
shfolder
SHGetFolderPathA
winmm
timeGetTime
avifil32
AVISaveOptionsFree
msvfw32
DrawDibRealize
oleacc
LresultFromObject
Sections
.text Size: 2.5MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 128KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE