Static task: static1
Behavioral task: behavioral1
Sample: 2861210385b795f21c15f4a174150070_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2861210385b795f21c15f4a174150070_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2861210385b795f21c15f4a174150070_JaffaCakes118
Size: 593KB
MD5: 2861210385b795f21c15f4a174150070
SHA1: 95908fd71c9a5aa3a0244f4eb11d6c7baeab009c
SHA256: 73728e671e17e7000298898a5f19e25c5efd7aa0a5d136bd8a6021b70f2c6dd2
SHA512: cabdb5ab5b427a7e9bb3cb48d68d5f2513b8de508bcd01b6c7a808bff3b0400e7214d8354ebfb59ad156c0e2b808be67d3d6e6d09ed6ecbd89bb9786b7de2378
SSDEEP: 12288:YVanig8vAC0uTouuK+nKwoGsT5RabdxRF4k8jk:canRin0sodnnLUF0RxQkI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2861210385b795f21c15f4a174150070_JaffaCakes118
Files
2861210385b795f21c15f4a174150070_JaffaCakes118.exe windows:5 windows x86 arch:x86
62ea002873d0e4b10d2d40a1b8911524
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
wininet: InternetConnectW
version: GetFileVersionInfoW
setupapi: SetupDiDestroyDeviceInfoList
ddraw: DirectDrawCreateEx
user32: PostQuitMessage
gdi32: SetViewportExtEx
comdlg32: GetFileTitleW
winspool.drv: OpenPrinterW
advapi32: SetSecurityDescriptorOwner
shell32: Shell_NotifyIconW
comctl32: _TrackMouseEvent
shlwapi: PathFileExistsW
ole32: CoCreateInstance
oleaut32: VariantClear
winmm: timeGetTime
Sections
.MyCrack Size: 461KB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
[� Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE