111a68c890927614d1b1c5ddf32a5d08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

111a68c890927614d1b1c5ddf32a5d08_JaffaCakes118
Size

501KB
MD5

111a68c890927614d1b1c5ddf32a5d08
SHA1

6fac6c8b5b23fec3dfbc4d2a99c6157791797f04
SHA256

a267417672c3b068d41570c84aaeec1f5cd44d020a308dc5d5f3e8b532f3dbce
SHA512

bf116ef92165e3aa00f918b0e7dddaf013e53be19287f15305788debee044af5df7a06a26e10b7ad7074bca228f45868ad1d570e8590ab3ba3d722ff478c2c26
SSDEEP

12288:ZckLMBgYSgeYURU1gN+B6ip0Kf0RI6Q2SoZjY66taihEB5URH3:R6MqgUBiKf0R1QurEnEB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
111a68c890927614d1b1c5ddf32a5d08_JaffaCakes118

Files

111a68c890927614d1b1c5ddf32a5d08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43f86dd47e384902bdeba95d83b94365

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetWindowThreadProcessId

gdi32

SelectObject

winspool.drv

ClosePrinter

advapi32

RegDeleteKeyA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA

ole32

CreateStreamOnHGlobal

oleaut32

VariantClear

Sections

.text
Size: 467KB - Virtual size: 972KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE