Sample: c20939147eb67357c0650ab37b6eeadf_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: c20939147eb67357c0650ab37b6eeadf_JaffaCakes118
Size: 225KB
MD5: c20939147eb67357c0650ab37b6eeadf
SHA1: cad1d5830e2d6305efbc6e6e1eea5f490c37de6a
SHA256: 3cc5d5b48613f4ea2cf35e995fcb3ce241afb965501eb95d5a1b6707a58f1a15
SHA512: a8a83de7e4ba54d0a7a18827838732a6ce0cc8eb325186ccdd82e27635e199b5b5bc7ac360ff8c3f6641b6cd7e6ed503eb3c9d8544a4af4a23d21793b3e6421c
SSDEEP: 6144:qEcZvBiuNyGMIkYIRHCzMB762IHK5aUYnSxk4n:qEcZZiu4FIkhRH1BhIHka7An
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c20939147eb67357c0650ab37b6eeadf_JaffaCakes118
Files
c20939147eb67357c0650ab37b6eeadf_JaffaCakes118.exe windows:4 windows x86 arch:x86
77e21cee1a61de89bd1371e1e775e922
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
shlwapi
SHGetValueW
iphlpapi
GetNetworkParams
gdiplus
GdipGetImageHeight
wininet
InternetCrackUrlA
user32
LoadCursorA
gdi32
PtVisible
comdlg32
GetOpenFileNameA
winspool.drv
OpenPrinterA
advapi32
SetSecurityDescriptorDacl
shell32
SHAppBarMessage
comctl32
ord17
oledlg
ord8
ole32
OleFlushClipboard
olepro32
ord253
oleaut32
GetErrorInfo
urlmon
URLDownloadToCacheFileA
Sections
.text Size: 184KB - Virtual size: 588KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE