c96dd3ee5c9c5f6ce433e4f394186139_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c96dd3ee5c9c5f6ce433e4f394186139_JaffaCakes118
Size

347KB
MD5

c96dd3ee5c9c5f6ce433e4f394186139
SHA1

1dd7750489b057b8b1baaa2864961915adf9b515
SHA256

45f064055ba6167e3244f6ab8c18291d2f4fc8eabad5c613cc94d15e4ba0cd61
SHA512

905b56db562476964514e94a899acdd71e473a0b608d7e0e44e1b9b5819f24fdf2a261543a9600d767e9f419f7ea7fbe2faddbfb99e05bc37a2715e80e6834be
SSDEEP

6144:TOKB3VOok48EcnGrTlnYp+9Fq8JBBkOF9QWjg/RRpcrBTXrIhq3ZPp0Hh:yKB3V0vnnGXlnYM9FNJ3F+/RRpcrBT0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c96dd3ee5c9c5f6ce433e4f394186139_JaffaCakes118

Files

c96dd3ee5c9c5f6ce433e4f394186139_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4d7d8a52ef3ee0c0f63eabe060207f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

DrawTextExW

gdi32

ExtSelectClipRgn

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW

advapi32

GetFileSecurityW

shell32

DragAcceptFiles

shlwapi

PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject

oleaut32

SysStringLen

imagehlp

ImageDirectoryEntryToData

Sections

.text
Size: 248KB - Virtual size: 596KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE