f6eaacc7cb3dd47f9a2b89ae9ca8e715_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6eaacc7cb3dd47f9a2b89ae9ca8e715_JaffaCakes118
Size

692KB
MD5

f6eaacc7cb3dd47f9a2b89ae9ca8e715
SHA1

82f502a26d51f966db4b5fcbea6810dbfd366bfa
SHA256

d5b0be3400b423a47e70bb7f90702c0ac1fe3a7c6cde675e4d35a0f1bd5d9388
SHA512

a141502782022706fcabb2bc472a9db18d46cf1cf3ccbb28f96de3036fb8c2531f02fed209cec9a4005a8316e6174c7fcb8f6127682711c9aa14e7f6b473b8de
SSDEEP

12288:yLsrkzUCf9UyTQuH9LiECqKw+M7g8UzCNXZPWYVand/zG92xYZo3fEPD:yWkzkyTQWLi5qKwFOSXZPla/zQbo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6eaacc7cb3dd47f9a2b89ae9ca8e715_JaffaCakes118

Files

f6eaacc7cb3dd47f9a2b89ae9ca8e715_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a53aac5db0fb650105142feb31d96bb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetWindowRect

gdi32

SetTextColor

shell32

SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent

shlwapi

PathStripToRootW

ole32

CoTaskMemFree

oleaut32

VariantCopy

libmng

_mng_putchunk_text@20

ijl15

ord2

advapi32

SetFileSecurityW

winspool.drv

ClosePrinter

Sections

.text
Size: 653KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE