Static task
static1
Behavioral task
behavioral1
Sample
fa684d8004b6446eb2a2e1257994ca17_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fa684d8004b6446eb2a2e1257994ca17_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
fa684d8004b6446eb2a2e1257994ca17_JaffaCakes118
-
Size
5.1MB
-
MD5
fa684d8004b6446eb2a2e1257994ca17
-
SHA1
d0ac13146f3fca96a5ffabe91337c8f146bf4d87
-
SHA256
f1d6d7121e85daf6a0ce86299178aaef3388112db523fde1a4434e542b6317eb
-
SHA512
f43d44e059c7695e6137cadb984e10db4b96b77951ce5ed9eb2d8af2f47d334ec6693792070dcd0eba3db1476759d7c2798cd04e93f1d8873e7094fa84f8dfda
-
SSDEEP
98304:KVs9N9uDrn1ZU2m2b/ghXCGtN4tFocrU0Jk5gHIHWN1yjX7cr:X9NA3AAzMpKGcrPHJ1kX7cr
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa684d8004b6446eb2a2e1257994ca17_JaffaCakes118
Files
-
fa684d8004b6446eb2a2e1257994ca17_JaffaCakes118.exe windows:4 windows x86 arch:x86
f7b81991f624539048eaba4ad9da0232
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVolumeInformationA
user32
PostThreadMessageA
gdi32
ExtSelectClipRgn
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
advapi32
RegCreateKeyExA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
oledlg
ord8
ole32
CoTaskMemAlloc
oleaut32
OleCreateFontIndirect
wininet
InternetSetCookieA
ws2_32
inet_ntoa
Sections
.text Size: 2.8MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ