Static task
static1
Behavioral task
behavioral1
Sample
f58d8f9fbf98ddc75f7d9bda674c5933_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f58d8f9fbf98ddc75f7d9bda674c5933_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
f58d8f9fbf98ddc75f7d9bda674c5933_JaffaCakes118
-
Size
519KB
-
MD5
f58d8f9fbf98ddc75f7d9bda674c5933
-
SHA1
2dec8b94aaea9b80437a3432c8c551397ba51531
-
SHA256
155f91e273b243f2fddf7116a9f2b159a68cb6974f77e6ae773013be260826fd
-
SHA512
a4fea6fd0d95b8108ec8027eb10841ca2a6588334c6264a95096ae5451130bdf8dea47e30e2216545dbce71bdad712eb65c69dfee31d06171f1df41cee08b21c
-
SSDEEP
12288:J2/TWRnR3E31Hsfy31QzZRLyK42Igk/1IXDdBBTgVrS7ZWm9t:wWRnSCfy0ZR2cIdW2VrSHt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
The sample has no Authenticode signature (the sandbox checks PE files for a missing signature).
resource f58d8f9fbf98ddc75f7d9bda674c5933_JaffaCakes118
Files
-
f58d8f9fbf98ddc75f7d9bda674c5933_JaffaCakes118.exe windows:4 windows x86 arch:x86
1d559a00732349d4705dee2b57e531fd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
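Imports (only one or two functions are listed per DLL; together with the .MPRESS1/.MPRESS2 section names below, this suggests a packed file, so the table probably does not reflect the imports the unpacked code actually uses)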
kernel32
GetModuleHandleA
GetProcAddress
dsetup
ord11
user32
GetDC
gdi32
ArcTo
comdlg32
FindTextA
winspool.drv
GetJobA
advapi32
RegEnumKeyA
shell32
DragFinish
comctl32
ord17
shlwapi
PathIsUNCA
oledlg
ord8
ole32
OleRun
oleaut32
LoadTypeLi
d3d9
Direct3DCreate9
wininet
InternetOpenA
Sections
.MPRESS1 Size: 412KB - Virtual size: 960KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE