b97156c76b7efef447a8206f53f7e32c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b97156c76b7efef447a8206f53f7e32c_JaffaCakes118
Size

563KB
MD5

b97156c76b7efef447a8206f53f7e32c
SHA1

5cf38b6b92ab1bbbd77b4d6b65c8222d71175cdd
SHA256

767f9d47d47bce93304f129a11c88b8f442477ae715f8ba21100e7544e312656
SHA512

3e61a74a23ee50c95fc55a5f034293cb6d7f3c1c1087474e005e23473c4533c4389c57133d212a77624af6429651e385d0272b88e33e71e3c77a5564ec85b321
SSDEEP

12288:E5xTvHAEzNA426dO5y+jXt+wmTDS1PlS6YVuTev97e0t+Hu:YHlNAt6sN9DEqlpYcIZe0t+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b97156c76b7efef447a8206f53f7e32c_JaffaCakes118

Files

b97156c76b7efef447a8206f53f7e32c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17fc2409d45a1d3ef1f7f801f64dab1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemFree

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

shell32

Shell_NotifyIconA

urlmon

URLDownloadToFileA

comdlg32

GetSaveFileNameA

wsock32

WSACleanup

ntdll

NtQueryInformationProcess

Sections

CODE
Size: 533KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE