c2038d54107583034be71dd1766aa7ac_JaffaCakes118 | Triage

Sharing

General

Target

c2038d54107583034be71dd1766aa7ac_JaffaCakes118
Size

300KB
MD5

c2038d54107583034be71dd1766aa7ac
SHA1

9f8b0c7ea6d9295e263a7001cc81331374d4928f
SHA256

5bcf274f78bd4c862e92b8174500032ad841a5adff21227e7b4e1d05d98900de
SHA512

0038cb0f74006d8a8edb896601f7f8e6f0ade8a10350cfa083c3abc305c70116677743c00f46472f45a963b866a9c85b9478e1162d71f0cf74d9160e02f24c6a
SSDEEP

6144:1BvXvE1gI/fecxTHXFoESPkrt0274wZIdooCtx2vOLMQs9IdyWpElTAnysWD+:1RfE1gIXjzXGtQt0q4wZMhCyOLMQdyWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2038d54107583034be71dd1766aa7ac_JaffaCakes118

Files

c2038d54107583034be71dd1766aa7ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5644957abd408163e51f12dec63dd2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegSetValueA

iphlpapi

GetAdaptersInfo

user32

TabbedTextOutA

gdi32

RectVisible

comdlg32

GetOpenFileNameA

winspool.drv

OpenPrinterA

shell32

SHGetMalloc

comctl32

ImageList_GetImageInfo

shlwapi

PathFileExistsA

oledlg

ord8

ole32

CoDisconnectObject

oleaut32

VariantClear

ws2_32

WSACleanup

wininet

HttpOpenRequestA

Sections

.text
Size: 250KB - Virtual size: 632KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE