a2b8b12257b33fd7b2c177305c3a59ee_JaffaCakes118 | Triage

Sharing

General

Target

a2b8b12257b33fd7b2c177305c3a59ee_JaffaCakes118
Size

1.5MB
MD5

a2b8b12257b33fd7b2c177305c3a59ee
SHA1

d6a877ac1f0900b2d9212acd45252f8d27285a4b
SHA256

d525415caed9ff43647e1bc3aaf9b4f40104f535968d5e5b6d4a65d9ead865e2
SHA512

2baa6f0bae736450e17c419655f066845d47299433fb922dd937783c595e07178362ccf47629d9276694ea23652ce1566c1b8aee75d02aa47094631b99eae5f7
SSDEEP

24576:Q/hSUFG/LHDPMYgIIRAetv0o79/55ZDtjNWvrSEfFYWLGJxcs94ivqQQFzsBFAmP:QJFKHDPgmYvJX+jnxLGJxb2ivqQQNYf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2b8b12257b33fd7b2c177305c3a59ee_JaffaCakes118

Files

a2b8b12257b33fd7b2c177305c3a59ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcfc3ebcd90bd4631d65757853beb3bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetActiveWindow

gdi32

SelectPalette

winspool.drv

DocumentPropertiesW

comdlg32

GetSaveFileNameW

advapi32

RegisterEventSourceA

shell32

ExtractIconW

ole32

CoInitialize

oleaut32

VariantChangeType

oleacc

CreateStdAccessibleObject

comctl32

ImageList_GetIconSize

wsock32

gethostname

ws2_32

WSAEventSelect

Sections

.text
Size: 1.5MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE