d162fe26ae99b2c57c654bc8e041773d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d162fe26ae99b2c57c654bc8e041773d_JaffaCakes118
Size

1.0MB
MD5

d162fe26ae99b2c57c654bc8e041773d
SHA1

66416173e2fcc885e0baf60957c00bf894d941a6
SHA256

0c8055630f8686bbb845d77e3ef35547a5b697f675255f54005d20ed02d56fa3
SHA512

75aceacab7eae659f6d5c456676fd5c673643fc60e32782d4e4608d1867b17071b6357f2fcd4507debbc960d42c9c106d3352ad0f17b0900a3e672099d70cdbd
SSDEEP

24576:VKux5IoAniYgrWPdKg8/L3JvCa/3gomVT8jGU+0:VxCltE5vCAgtVCGI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Pedido Anexo Mail003.exe

Files

d162fe26ae99b2c57c654bc8e041773d_JaffaCakes118
.zip
Pedido Anexo Mail003.exe
.exe windows:5 windows x86 arch:x86

58ac9995f50d4172401d5a5ccbcca97b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

LoadStringW

msimg32

AlphaBlend

gdi32

WidenPath

version

VerQueryValueW

ole32

CreateStreamOnHGlobal

comctl32

InitializeFlatSB

urlmon

CoInternetCreateZoneManager

wininet

HttpSendRequestExW

shell32

ShellExecuteW

comdlg32

ChooseColorW

winspool.drv

OpenPrinterW

wsock32

WSACleanup

crypt32

CertOpenSystemStoreW

shdocvw

DoOrganizeFavDlg

Sections

.text
Size: 1.0MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE