94d44de014dd79e6b089ce33ae15d970_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94d44de014dd79e6b089ce33ae15d970_JaffaCakes118
Size

29KB
MD5

94d44de014dd79e6b089ce33ae15d970
SHA1

5fc1587ebfa2f89c9b664d95953628fcee3b5ced
SHA256

6fa77cd9793d9fcaab6cd7e6f8f878e10d6b7fd1ca110ec76125d4cefc911642
SHA512

cab8e09c6c48e8bb923565d890db9585432d511dd7a1fba3a1294f194c2f07f04eb2a17a592e9a6a2e65ffc5643c05c042f1227661f04259e7d34400e772da6d
SSDEEP

768:9qGweAZbL3LqRfFRKqNMCSO05xyDxZ1fthULP:8GwCfi4ZOsTFyP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/USPS_Print_Label.exe

Files

94d44de014dd79e6b089ce33ae15d970_JaffaCakes118
.zip
USPS_Print_Label.exe
.exe windows:5 windows x86 arch:x86

c32f855230f97ee2b48a1949544af666

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
BeginPaint
WindowFromPoint
SetWindowTextA
EndPaint
LoadIconA
LoadCursorA

gdi32

GetTextColor
RectVisible

kernel32

GetTickCount
GetEnvironmentVariableA
GetEnvironmentStrings
HeapCreate
HeapFree
GetStartupInfoA
SetEndOfFile
GetProcAddress
FreeLibrary
DeleteCriticalSection
LeaveCriticalSection
LoadLibraryA
EnterCriticalSection
InitializeCriticalSection
GetStdHandle
GetCurrentProcess
HeapAlloc

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ