8752a5a1bd4149beea4db6e48ec2896a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8752a5a1bd4149beea4db6e48ec2896a_JaffaCakes118
Size

245KB
MD5

8752a5a1bd4149beea4db6e48ec2896a
SHA1

0b0e6f2dca323be8c2dcc282532c3625686ffeb9
SHA256

b8d645277d744f60d16f76cc615b6d96c01e4b21be9af3d672cee9aae5c1b58d
SHA512

49d611004788778bb03cd9e2b45729cca7ad3fa0e8ab6a2413a249218002d6087ca32a8309157e0d1d0fe362def1fa66ca282a44b09c122e434220f493e306cc
SSDEEP

6144:MNvDEWy7GbNSBeZ02nTGw0zioIUYFOv9ge:WvojMNSMdGzHIUYAVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8752a5a1bd4149beea4db6e48ec2896a_JaffaCakes118

Files

8752a5a1bd4149beea4db6e48ec2896a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cecfffae6f53ed20aac9916a901e412

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadModule
HeapDestroy
HeapCreate
lstrcmpiA
VirtualFree
GetModuleFileNameW
TerminateProcess
UnhandledExceptionFilter
GetACP
GetOEMCP

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
VarUI1FromDec
CreateErrorInfo
SafeArrayAllocDescriptorEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter

Sections

.text
Size: 148KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ