e1873f039f28bbd1a4742b34a1a8b96e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1873f039f28bbd1a4742b34a1a8b96e_JaffaCakes118
Size

160KB
MD5

e1873f039f28bbd1a4742b34a1a8b96e
SHA1

a64660834bc8a69724840dd179559c3953075a03
SHA256

de86190107695e50bd9cbb70ec604d95532cd2c5532a78d34cc7bb4f0d063dbe
SHA512

9a8823ee5cd242937a282b26fee03eefdb7665a58b7be2a672306384dd7a3199678dffe4d8119b3438a01ecf5c7fc9402fbf65ed9a3dfb4167f2e752bfac48a6
SSDEEP

3072:sh98nk3P1kcBrGuvF9pU7QIeQCNwrPtdDaelX77l8pbqOjsjx7XjX:sX8k/rrGUF4TDR758pbqOjsV7XjX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1873f039f28bbd1a4742b34a1a8b96e_JaffaCakes118

Files

e1873f039f28bbd1a4742b34a1a8b96e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cfc3bf4434bc8960da3a1e1c104614d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

UnregisterClassA

gdi32

CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

SHGetPathFromIDListA

comctl32

ord17

oledlg

ord8

ole32

OleUninitialize

olepro32

ord253

oleaut32

SysStringLen

Sections

pec1
Size: 134KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE