963d1646095aa73c221a0e61502b0f3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

963d1646095aa73c221a0e61502b0f3a_JaffaCakes118
Size

30KB
MD5

963d1646095aa73c221a0e61502b0f3a
SHA1

bbc0f4458061b30371d8f55d3ee84e4e151aa4b4
SHA256

8042c71b0283da44a43d400f6a8d70fda17800933b91d99ca4c2baec241f7e11
SHA512

7f055d7293ed62bdec6b0f0d0793b54dd3725e52cdaac9b25e65fbafc41be68c76ea07ffe754e7bc1a4311e2be10f6ca5482df715e266e942b8529929d75b6ab
SSDEEP

768:ZT63GHK8irAIhVLVZ37Z1/JDkAFPqdOm/mtQesB:ZTsyK7BxxDcOUmShB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/USPSLabel.exe

Files

963d1646095aa73c221a0e61502b0f3a_JaffaCakes118
.zip
USPSLabel.exe
.exe windows:5 windows x86 arch:x86

870569c1d521d51b08ae0d7bcbc02ade

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
EndPaint
IsIconic
GetCaretBlinkTime
RegisterClassExA
CreateWindowExA
SetWindowTextA
GetAsyncKeyState
DialogBoxParamA

gdi32

CreateRoundRectRgn
GetBrushOrgEx
DeleteObject
GetStockObject
GetArcDirection

kernel32

HeapDestroy
GetLastError
SetFileAttributesA
GetDateFormatA
SetEndOfFile
GetThreadLocale
GetStartupInfoA
GetEnvironmentVariableA
GetProcessVersion
FreeLibrary
GetModuleHandleA
GetEnvironmentStrings
GetCurrentDirectoryA
IsProcessorFeaturePresent
HeapAlloc
HeapCreate
MulDiv
DeleteCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryA
EnterCriticalSection
InitializeCriticalSection
GetTickCount

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ