8a556d4ee83b1afcee3ba23403f9d02a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a556d4ee83b1afcee3ba23403f9d02a_JaffaCakes118
Size

1.1MB
MD5

8a556d4ee83b1afcee3ba23403f9d02a
SHA1

0c39aac958e3173433dafb3362695858104eaf99
SHA256

bb7be155232298bd602613260c0bd87adf28ed4ead5838cd1a11f8d22c6d39e1
SHA512

527ece2ac1eba885ecd0dc12bc051e39c6bbe2757b35999f7d61c9e401848486aeb092694e5412d950818379b0b03a3b9824c6bb8649dbee61853026ace34e1b
SSDEEP

24576:N55G0WLKc98XTlzHqajoBuH6chv8Gx6YOZulX/HM7EIj:3o0gKMaVHhv1Ok9s7Hj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KsSuperGraphEx/KsSuperGraphEx.exe

Files

8a556d4ee83b1afcee3ba23403f9d02a_JaffaCakes118
.rar
KsSuperGraphEx/KSGEHELP.CHM
.chm
KsSuperGraphEx/KsSuperGraphEx.exe
.exe windows:5 windows x86 arch:x86

a975ae8c4851d5d00bfbf49feee1be75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TranslateAcceleratorA

gdi32

CreateFontIndirectA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueA

shell32

DragFinish

shlwapi

PathFindExtensionW

oledlg

ord8

ole32

CoRevokeClassObject

oleaut32

VariantClear

gdiplus

GdipCreateBitmapFromHBITMAP

Sections

.text
Size: 249KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE