8dda09a9503556e61c19955ac3427201_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8dda09a9503556e61c19955ac3427201_JaffaCakes118
Size

78KB
MD5

8dda09a9503556e61c19955ac3427201
SHA1

1fd0e513f165295b02aa1ad4150bfe3527032c0a
SHA256

c549b6353de5afaeae68512e92d9ec189d6514a2ecad5e5acfd69954aabfb4a7
SHA512

658d1e2ed03cd584983a26853aebd0d96ddecf043ce29194ec4ff69281244561e7b70a4ae9c0f8f7d6c1f6d8d547de0b893c0ea2d91eafbe42759080cbcbf147
SSDEEP

1536:tLa6a76pimVKaCU79WSmoPp0NVLdNtrCRkAe5qaIOQLcYoDTTdt:ET+tFsSmoPp0NjrrCRkAewNOQRyt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dda09a9503556e61c19955ac3427201_JaffaCakes118

Files

8dda09a9503556e61c19955ac3427201_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc3f8e62e0db1316688d359fd8455e94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

UnregisterClassA

ws2_32

inet_ntoa

mpr

WNetAddConnection2A

oleacc

LresultFromObject

gdi32

DeleteDC

winspool.drv

DocumentPropertiesA

oleaut32

VariantChangeType

Sections

.text
Size: 73KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE