Static task
static1
Behavioral task
behavioral1
Sample
d5086d730da2ab6fc00a90069a2094c6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d5086d730da2ab6fc00a90069a2094c6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
d5086d730da2ab6fc00a90069a2094c6_JaffaCakes118
-
Size
698KB
-
MD5
d5086d730da2ab6fc00a90069a2094c6
-
SHA1
24912ea01cfd0b1445b221d94a6df1275dcf8149
-
SHA256
81e33190f55b23303c9e0c953e6703c46c5bc5e37164c16f4576f47caab75cd1
-
SHA512
7735213e8e3e0cb4b544e52b34ff7c039d786e6df0e42740cfa3b715049525543eef2a4ef372f7d2efece6c9ca6f3343209fb9b26df5bd662736b0173f1d29d8
-
SSDEEP
12288:264ibKnBE2rTZySr373KtUoHe9E6FQgswfa7qdc8XWLueb2TFBqlXCec:Vzb0BEOFH3Ke1E6NuCcRuhBqw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
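Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate programs ship unsigned; weigh it together with the other static findings for this sample.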
resource d5086d730da2ab6fc00a90069a2094c6_JaffaCakes118
Files
-
d5086d730da2ab6fc00a90069a2094c6_JaffaCakes118.exe windows:4 windows x86 arch:x86
d47efc5463ce3d909d7858f71a02c4e4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
advapi32
RegCloseKey
comctl32
ord13
comdlg32
GetFileTitleA
d3d9
Direct3DCreate9
dsetup
ord11
gdi32
ArcTo
ole32
OleRun
oleaut32
LoadTypeLi
oledlg
ord8
olepro32
ord251
shell32
DragFinish
user32
GetDC
wininet
InternetOpenA
winspool.drv
ClosePrinter
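Sections
The first two sections below are listed without a name and are marked readable, writable and executable at the same time. Combined with the short import list above (one or two functions per DLL, including GetModuleHandleA and GetProcAddress), this is consistent with a packed executable that resolves its real imports at run time, though neither trait is conclusive on its own.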
Size: 686KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE