dd0e73a123f1dc8e2fb436cb240351bb_JaffaCakes118 | Triage

Sharing

General

Target

dd0e73a123f1dc8e2fb436cb240351bb_JaffaCakes118
Size

277KB
MD5

dd0e73a123f1dc8e2fb436cb240351bb
SHA1

a3db66fc6944045a9639a253bbbf425367e72437
SHA256

53a24bad1cdca920f35b076ef3749f9b50278fed2aa406eb37a2eb3370361daf
SHA512

25fc82b16583ce0777ba881def1261612f47510f4f94bf80e6f676b200a309b9b31fcf08a1a3f3b5d701b6c1130114b7c50094bf0d68bd779e5573c520dbaf7e
SSDEEP

6144:jlYCgzpVQBuBXxezCDWelxli397ztXMkK0a:TgzpVQoeIi3RJMkK0a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd0e73a123f1dc8e2fb436cb240351bb_JaffaCakes118

Files

dd0e73a123f1dc8e2fb436cb240351bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb7ae367c67d4418c53103bdf40ae7e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA
PathFindFileNameA

oleacc

CreateStdAccessibleObject
LresultFromObject

gdiplus

GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipGetImageWidth

kernel32

GlobalAddAtomW
GetOEMCP
WriteFile
GetCurrentProcess
VirtualQuery
SetFilePointer
FlushFileBuffers
HeapAlloc
EnumResourceNamesW
GetSystemInfo
HeapFree
GetStringTypeExW
ReadFile
SetEndOfFile
VirtualProtect
ExitProcess
RtlUnwind
FindAtomA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

Sections

.text
Size: 136KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ