8c7d4cc670f73b2bb437057f29949231_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c7d4cc670f73b2bb437057f29949231_JaffaCakes118
Size

258KB
MD5

8c7d4cc670f73b2bb437057f29949231
SHA1

45b5d39071d2fd20b5e0edc90938ad6771e4d5d6
SHA256

d2f3d2bf07693de8703a5bc19c2fc8d9a7c7adc06694fd68405fc926e08fa177
SHA512

98455d0594ced96240c7e650c8ff2c94498cd03e61113bc345ad88c8d9bcbb1ef578d4f1271b9130b042374f85b1dcc03fe2a397d23f3b43864023220d7bd086
SSDEEP

6144:yzOzL3NpqNFE5vZ96Fwp2pUMomGbJbjZDo4zViI+LKlQtyLg:lVpqFE5vZCUI055oQVHBljg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c7d4cc670f73b2bb437057f29949231_JaffaCakes118

Files

8c7d4cc670f73b2bb437057f29949231_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab16b6bc46c273757b4cad29d9b37eba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetClipboardData

gdi32

SetStretchBltMode

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CreateILockBytesOnHGlobal

oleaut32

SafeArrayCreate

comctl32

ImageList_Destroy

oledlg

ord8

ws2_32

recv

comdlg32

GetOpenFileNameA

Sections

.text
Size: 244KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE