83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118
Size

1.4MB
MD5

83e7145fa27adb0a7d7e55c27ef82391
SHA1

274270bc47f28ec248c77f1bc63f97635181885c
SHA256

2516cd348d6c2e2a0f410c93d545bf74470bc74d6c13864b4062a7e0faa97a5f
SHA512

2883704688a199e71de192aac8ab5fa67655ef45a385444f509640a78fe97e28f3c39ebc96b4d8b43d0d897747d3e6d1ea49000ef296466bba4faafd7cc225fd
SSDEEP

24576:mLGNAh3bv2SiMAXrEv0GkyEmNfCthvTdjDiJYsEJ1mvUJE+w3dBMXNMbx:mGmoMAXpyE2fwf9B1UUJEaMb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118

Files

83e7145fa27adb0a7d7e55c27ef82391_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de05e50457947113ed1d58395d05e625

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

EndDialog

gdi32

BitBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathIsUNCA

oleaut32

VariantChangeType

ws2_32

ntohl

Sections

.text
Size: 1.3MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��A
Size: 91KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE